A few days ago when researchers reported a critical Internet Security Vulnerability, close to hysteric articles began to publish in the press regarding to the subject. Some of them suggested that people should change their passwords and if possible not to use internet. But it’s merely a wrong conception in fact it can deteriorate the situation if you try to change all your passwords now. This vulnerability is attributed as Heartbleed. Sarcastically it almost gave a heart attack to billions of internet users. But you will be relieved to know that a patch has been created to fix this vulnerability. Patch is an update for OpenSSL.
Those organizations which are running OpenSSL have applied for patch and they are not weak any more. OpenSSL is a version of the SSL technology used by websites to protect web connections for credit card payments, bank payments and other highly sensitive actions. Several mobile apps use SSL and to secure web-based remote access SSL are used. Half-a-million sites that were using OpenSSL are actually insecure. The programming fault that was found in OpenSSL means that anybody who has a profound knowledge in tools and software including hackers can read the data and they can easily read the password and credit numbers and the rest you can guess, they can exploit these details in criminal activities.
Verify some issues before you perform sensitive tasks over HTTPS. If you are using a vulnerable site as well as a non-vulnerable site and have assigned same password for both sites, you should immediately change the password of the non-vulnerable sites. Check that whether the site is running OpenSSL; if for the last few years it is not running OpenSSL it is impermeable to the recent bug. And if you find that the site runs OpenSSL, ensure it was patched. Maximum prime sites have done patch. In this situation you may change the password for the sites. Keep one thing in your mind do not assign a weak password.
You may be in hurry as you have to update several passwords at a time but please assign a strong password and don’t repeat the same password. Password for the sensitive sites should be distinctive from others. And if you find out a site which is vulnerable and did not confirm that it was patched, wait to change your password, avoid the sites and changing your password in such situation can worsen the circumstances. Do not click into any links to go to sensitive sites; instead of that type the URL and by this you can prevent phishing attacks. Under this circumstance you may use impersonate that use SSL, because they are not easy to hack. You will find many real-looking phishing sites so just be aware of those sites. Browser Vendor, who are running weak version of OpenSSL may add a code to warn the users to protect their privacy. These sites are too weak to handle such important business affairs.