To say that the Heartbleed issue has shaken me up is an understatement. It is in fact so serious as to make me start questioning the open source model of trust and distribution per se, even though I have been a great believer since I learned of it – but that is a topic for another post.
Today I just wanted to share Readwrite.com’s excellent post about Heartbleed, where they have excellent tips such as:
Step 1: Make A List Of Important Sites And Accounts
Step 2: Check Which Apps or Sites Are Vulnerable To Heartbleed
Step 3: Change Your Passwords
- For optimal security, you want long passwords with random numbers and punctuation.
- Passwords are more secure if there are no actual words in them.
- Vary your passwords for each account. Every single one of them.
- Can’t remember them all? Few could. So rely on password managers instead—that’s what they’re there for. In fact, not only can they store your logins, but they can suggest new ones, too, which would take care of all of the above.
 
Full read here.
Let’s be honest, all these tips are things people should have been doing in the first place.
However, I’ve never been a big fan of password managers. Rather, I memorize a set of passwords and join them at random or following a pattern dependent on the project or website I’m accessing. In short, I developed my own ‘system’. And it’s not perfect. I have occasionally had to use the ‘forgot password?’ system on websites I access. But at least it is random, uses special characters and is therefore secure.
So if I were to add to this list, I would say: Develop your own system. And I don’t mean just use your birthday and your dog’s name. I mean your birthday, your dog’s name – in upper and lower case – plus an exclamation point, percent sign, number, and make it ten alphanumeric characters. Commit it to memory (you are not THAT old!), and you’ll be reasonably safe. Not perfect, mind you, nothing is, but at least more difficult to hack.