Internet users told to change ALL passwords in security alert over ‘catastrophic’ Heartbleed bug

  • Online security breach is described as ‘catastrophic’
  • Alert is result of internet bug Heartbleed being uncovered
  • Heartbleed is able to bypass websites’ security measures to access passwords and personal information

By Rebecca Evans and Tania Steere

Internet users have been warned to change all their computer and phone passwords following what could be a ‘catastrophic’ security breach.

Major technology firms have urged the public to immediately update their online security.

The alert is the result of the discovery of an internet bug called ‘Heartbleed’, which is able to bypass computer security settings.

LastPass Heartbleed Checker warns if a website may be at risk. It also reveals websites that aren't affected

LastPass Heartbleed Checker warns if a website may be at risk. It also reveals websites that aren’t affected

 

HOW TO BEAT THE BUG

If a password is in any dictionary in any language then it will take just three minutes to crack, warned computer expert Tony McDowell.

The worst passwords are the likes of ‘password’, ‘123456’, ‘qwerty’, or your child’s name. Using the same password for every site can leave you even more vulnerable to hackers, he added.

His advice is to use a phrase rather than a word. For example, use ‘nameisabella’ rather than just ‘Isabella’ – and use a mixture of letters and numbers.

A password of ‘name!saBe1la’ would take a year to crack, said Mr McDowell, managing director of Encription Ltd.

‘Most hackers give up after 24 hours unless it is something they really want to gain access to,’ he added.

WHICH MAJOR SITES ARE AT RISK?

Potentially vulnerable sites:

Facebook, Twitter, Tumblr, Instagram, Google, Gmail, Lloyds TSB, Nationwide, Santander

Safe sites:

Bing, Yahoo, Flickr, LastPass, DuckDuck Go, Natwest, GitHub

The tool is a guide to affected services; it is not a definitive list.

Sites listed as vulnerable may use unreported servers, meaning their status can’t be officially verified.

As a result, personal information such as passwords and credit card details has been accessible.

 

Read More Here

 

…..

Heartbleed test

 

……

Enhanced by Zemanta
About these ads