Ok, so unless you have been living under a rock for the last few weeks, you will have heard about this bug (also referred to as SSL or secure certificates). A bug is a mistake in the programming code that has been around for over 2 years. This is the first thing that you should be aware of. The problem has already been around for over 2 years, so although it’s now receiving a lot of publicity, the chances are that if it was going to affect you then it would have already done so.
So what is it? Well it’s a bug that affects certain SSL (secure sockets layer) certificates – these are the things that usually protect us when we are on a secure website. These websites are usually ones where we use our credit card – for example when booking flights, buying things online or even accessing our email. Secure websites are the ones that display a padlock next to the website address.
The bug means that it’s possible for unscrupulous people to “read” the information sent to and from these websites, meaning that anything you sent in the past two years thinking that it was secure was potentially at risk – that’s why it is such a big deal.
My take on this is that if someone had gained access to my private information (email, credit card info etc.), then they would have used that information by now and I would therefore already be aware. Of course this doesn’t mean that you should ignore the risk now we know about it – just don’t get stressed about it
Ok, so what should you do about it? Well the first thing to do is make a list of the websites that you think may have been affected – that’s any site you use that has a secure login. Once you have your list, you can check the website is now secure by using the following tester website…
https://filippo.io/Heartbleed
…just enter the website address that you want to check and you can see whether the site has been fixed or not.
So, once you know which websites that you use have been fixed, you can then safely change your password for that website – there is no point in changing the password if the website has not been fixed, as it will still be vulnerable in the same way as it has been for the past 2 years.
That’s it – follow some simple steps, don’t get stressed about it and everything will be fine – of course we are always here if you need any specific advice or help.