How to protect yourself from Heartbleed

heartbleed2.png (1440×720)
Protect yo' neck (and your bank account).

One of the biggest security threats the Internet has ever seen hit early this week in the form on the Heartbleed bug, an encryption flaw that has exposed private data on millions of websites, including YahooAirbnbOKCupid, and Tumblr.

Because the bug affects roughly two-thirds of the entire Web, you’ve almost certainly been hit in one way or another. The brunt of the recovery responsibility is now on Internet companies and websites that must update their software and otherwise deal with Heartbleed. However, there are numerous ways you can protect yourself. Here's what you need to do until the heartbleeding has stopped.

Don’t login to websites until they’ve fully fixed the problem.

Websites still vulnerable to Heartbleed can potentially give away your username, password, and much more. A number of websites, like this one and this one, will tell you if the websites you frequent are unsafe. Steer clear of any sites that are listed as potentially vulnerable—your passwords and everything you do on the site can still be stolen.

Once a website is updated and safe, change your passwords.

Banks and email accounts contain extremely sensitive information that, thanks to this bug, could be snatched by attackers. That’s not all: Dating sites, social media, forums, and more can be affected. When a website is deemed safe, as described above, you should login and change your passwords for your own safety. 

Even if your email password wasn’t directly breached, remember that many people use the same password for various accounts. If one account was breached, all other accounts that have the same (or similar) passwords become vulnerable. It’s a bit of a pain, sure, but changing your password now is something that can save you a lot more trouble down the road.

Watch your financial statements and email logins over the near future.

Heartbleed is not new. It was discovered by the public recently, but the vulnerability is at least 2-years-old. Pay close attention to financial statements and email account activity over the next days and weeks to see if anything strays from normal. If you want to check in on your bank or credit card accounts immediately, the safest bet is to call. 

Illustration by Jason Reed

Passweird generates passwords so gross, you won't want to use them
We sincerely hope you’re not using passwords like “123456” or, god forbid, “password,” in your day-to-day Internet surfing. Ideally, you’ve come up with a few exceedingly strange alphanumeric clusters to thwart hackers and identity thieves. But what if you want to add another layer of security—one that’s filthy, grotesque, stomach-turning, and downright squirm-inducing? In that case, you’ve got to check out Passweird.
From Our VICE Partners

Pure, uncut internet. Straight to your inbox.

Thanks for subscribing to our newsletter!