Comment 13X Re: Password changes dangerous now

Poll

Because of the heartbleed bug, I...

Preview

Followed but taken no action (Score: 1)

by lhsi@pipedot.org on 2014-04-14 10:35 (#12B)

I'm not a server admin so can only wait on hearing from one that I use when/if I should change a password. My bank told me that they were not affected and I did not need to do anything.

Re: Followed but taken no action (Score: 2, Insightful)

by zocalo@pipedot.org on 2014-04-15 12:53 (#12R)

Selective password changes here too, made much easier by having unique passwords per site already, and increased the password length on a few of them too. Those that use OpenSSL and have data I care about got reset, the rest I just let be for now but will change them if anything unusual happens.

Password changes dangerous now (Score: 4, Interesting)

by Anonymous Coward on 2014-04-17 11:26 (#13Q)

Most sites have no new certificates issued (and even if, it would be of little use), so I consider password changes or any login at the moment rather dangerous. It is highly possible that if you change your passwords now, the NSA will get a full set as well.

Re: Password changes dangerous now (Score: 1)

by songofthepogo@pipedot.org on 2014-04-17 16:50 (#13X)

Good point. The sites for which I did create new passwords had issued new certs within the last week or so, but I hadn't really given adequate consideration to the possible ramifications of what might occur were I to create a new password on a site that did not yet have all its ducks in a row.

Junk Status

Not marked as junk