Internet users told to change ALL passwords in security alert over ‘catastrophic’ Heartbleed bug
Online security breach is described as ‘catastrophic’
Alert is result of internet bug Heartbleed being uncovered
Heartbleed is able to bypass websites’ security measures to access passwords and personal information
Internet users have been warned to change all their computer and phone passwords following what could be a ‘catastrophic’ security breach.
Major technology firms have urged the public to immediately update their online security.
The alert is the result of the discovery of an internet bug called ‘Heartbleed’, which is able to bypass computer security settings.
LastPass Heartbleed Checker warns if a website may be at risk. It also reveals websites that aren’t affected
HOW TO BEAT THE BUG
If a password is in any dictionary in any language then it will take just three minutes to crack, warned computer expert Tony McDowell.
The worst passwords are the likes of ‘password’, ‘123456’, ‘qwerty’, or your child’s name. Using the same password for every site can leave you even more vulnerable to hackers, he added.
His advice is to use a phrase rather than a word. For example, use ‘nameisabella’ rather than just ‘Isabella’ – and use a mixture of letters and numbers.
A password of ‘name!saBe1la’ would take a year to crack, said Mr McDowell, managing director of Encription Ltd.
‘Most hackers give up after 24 hours unless it is something they really want to gain access to,’ he added.
WHICH MAJOR SITES ARE AT RISK?
Potentially vulnerable sites:
Facebook, Twitter, Tumblr, Instagram, Google, Gmail, Lloyds TSB, Nationwide, Santander
Bing, Yahoo, Flickr, LastPass, DuckDuck Go, Natwest, GitHub
The tool is a guide to affected services; it is not a definitive list.
Sites listed as vulnerable may use unreported servers, meaning their status can’t be officially verified.
As a result, personal information such as passwords and credit card details has been accessible.