Followed but taken no action (Score: 1) by lhsi@pipedot.org on 2014-04-14 10:35 (#12B) I'm not a server admin so can only wait on hearing from one that I use when/if I should change a password. My bank told me that they were not affected and I did not need to do anything. Re: Followed but taken no action (Score: 2, Insightful) by zocalo@pipedot.org on 2014-04-15 12:53 (#12R) Selective password changes here too, made much easier by having unique passwords per site already, and increased the password length on a few of them too. Those that use OpenSSL and have data I care about got reset, the rest I just let be for now but will change them if anything unusual happens. Password changes dangerous now (Score: 4, Interesting) by Anonymous Coward on 2014-04-17 11:26 (#13Q) Most sites have no new certificates issued (and even if, it would be of little use), so I consider password changes or any login at the moment rather dangerous. It is highly possible that if you change your passwords now, the NSA will get a full set as well. Re: Password changes dangerous now (Score: 1) by songofthepogo@pipedot.org on 2014-04-17 16:50 (#13X) Good point. The sites for which I did create new passwords had issued new certs within the last week or so, but I hadn't really given adequate consideration to the possible ramifications of what might occur were I to create a new password on a site that did not yet have all its ducks in a row.
Re: Followed but taken no action (Score: 2, Insightful) by zocalo@pipedot.org on 2014-04-15 12:53 (#12R) Selective password changes here too, made much easier by having unique passwords per site already, and increased the password length on a few of them too. Those that use OpenSSL and have data I care about got reset, the rest I just let be for now but will change them if anything unusual happens. Password changes dangerous now (Score: 4, Interesting) by Anonymous Coward on 2014-04-17 11:26 (#13Q) Most sites have no new certificates issued (and even if, it would be of little use), so I consider password changes or any login at the moment rather dangerous. It is highly possible that if you change your passwords now, the NSA will get a full set as well. Re: Password changes dangerous now (Score: 1) by songofthepogo@pipedot.org on 2014-04-17 16:50 (#13X) Good point. The sites for which I did create new passwords had issued new certs within the last week or so, but I hadn't really given adequate consideration to the possible ramifications of what might occur were I to create a new password on a site that did not yet have all its ducks in a row.
Password changes dangerous now (Score: 4, Interesting) by Anonymous Coward on 2014-04-17 11:26 (#13Q) Most sites have no new certificates issued (and even if, it would be of little use), so I consider password changes or any login at the moment rather dangerous. It is highly possible that if you change your passwords now, the NSA will get a full set as well. Re: Password changes dangerous now (Score: 1) by songofthepogo@pipedot.org on 2014-04-17 16:50 (#13X) Good point. The sites for which I did create new passwords had issued new certs within the last week or so, but I hadn't really given adequate consideration to the possible ramifications of what might occur were I to create a new password on a site that did not yet have all its ducks in a row.
Re: Password changes dangerous now (Score: 1) by songofthepogo@pipedot.org on 2014-04-17 16:50 (#13X) Good point. The sites for which I did create new passwords had issued new certs within the last week or so, but I hadn't really given adequate consideration to the possible ramifications of what might occur were I to create a new password on a site that did not yet have all its ducks in a row.