Google+ One thing you must do right now in response to the ‘Heartbleed’ bug by Kim Komando ~ High Tech House Calls
Expert Computer Consulting for Homes and Small Businesses

Let there be hope...

Life has changed there is no doubt and we wanted to reach out to see how you are doing.

As we go through this interesting time, we are trying to look at this as an opportunity to focus on our family and on friends like you. Let us use this extra time to catch up and talk more. Let us cook food that is not fast, but interesting and satisfying. Let us learn to enjoy a time to try new things. Let us find ways to enjoy time at home!

Computer Security

If my client base is any experience, anyone can be a victim of a Ransomware, Malware or Virus attack.

What can you do about it?

I conduct audits of your entire computer infrastructure and apply best practice solutions to plug the security holes on your computers, Smartphones and networks.

Now offering consultations to give you the best protection possible:


404.229.0839
carlthorne@hthcatlanta.com

Jack of All Trades, Master of Many

Jack of All Trades, and Master of Many

We provide technical support for:


Homes and small businesses

Windows and the Mac OS platform

iPhones and Android Smartphones

Wireless and wired networks

New device setup

Old device upgrade or repair

One-on-one training

Remote assistance


How To Stop Malware

Sunday, April 20, 2014

One thing you must do right now in response to the ‘Heartbleed’ bug by Kim Komando

In case you missed it, the big news of the week is the “Heartbleed” bug that’s been exposing sensitive

However, I’ve gotten lots of questions asking for more detail on a specific suggestion I made for staying safe. So, here it is, in more detail.

And this advice isn’t just for Heartbleed; every computer user needs to know how to do this one thing.

I am, of course, talking about the right way to change your online passwords. Even if you think you know how, read on to make sure you aren’t missing an important step.

Controversy: There is still some debate about when you should change your online passwords in response to Heartbleed. If you change a password before Heartbleed is fixed on a site, hackers can get your new password and you’ll have to change it again.

On the other hand, hackers might already have your information and could use it at any moment if you don’t change your password. So, it’s really up to you how you want to proceed. I think changing your password immediately is better, but I understand it makes things more difficult. Let’s be honest; Heartbleed is a very difficult problem, for all of us.

Fortunately, most of the major sites have updated their servers at this point, so it should be fine to change your passwords. Click here to see which major sites were affected. For smaller sites, you can check to see if they’re still a threat with these sites.

Before I talk about changing passwords, I should point out a password danger you might not know. Did you know that your browser is saving every password you type? And, even worse, did you know anyone can see them if they know where to look?

It’s true. I’ve talked before about this problem and even wrote up the instructions for where to look. Click here to find out what they are for your browser. Of course, these instructions are for you to check out your passwords; don’t use them to snoop on anyone else’s passwords.

This is also a good way to find accounts you’ve created online in the past that you forgot about. Given the scope of Heartbleed – up to two thirds of all websites, remember – you want to be as thorough as possible.

1. Create a list of sites

Start with a list of the websites where you have accounts. This is probably going to be a long list, but it can’t be helped.

2. Prioritize

Find out which sites Heartbleed affected from this list. That list sticks mostly to major sites, so for smaller sites use these tools to see if Heartbleed is still a problem.

Move the most sensitive sites, like email and social media, to the top of the list and work your way down to the least important.

Note: Major bank sites didn’t have a problem with Heartbleed. However, if you used the same password for other accounts as you did for your banking account, you need to change that as well.

3. Make new passwords

If you’re changing your passwords, obviously you need to make new ones. Be sure they’re strong and unique for every site. Click here for my steps to creating strong, unique passwords that are easy to remember.

Bonus tip: Don’t forget to beef up your security questions while you’re at it.

If you’re worried about remembering your passwords, you can use a password manager like KeePass. This will store your passwords in an encrypted file, and you only need to remember one password to open it. It can even make super-secure passwords for you.

4. Change your passwords

Visit the first site on your list and log in to your account like you normally would. The option to change your password is usually under the Profile or Settings section.

If you don’t remember your password or are having trouble finding where to change it, click the “Forgot password” link. This is usually near the sign-in area and will eventually land you on the page to set a new password.

Bonus tip: If the site is one you haven’t used in a while, think about if you actually need an account. If you don’t, close out your account or replace your information with junk information. A site like AccountKiller will tell you how to close your account on most major websites.

Once you’ve changing a password, cross that account off your list and move on to the next one. Once you’re done, keep the list handy for reference in case a site you might have forgotten pops into your head later. You can check to see if you already hit it.

5. Avoid scams

Scammers are going to use this Heartbleed situation to try and trick you. Lots of real sites are sending out email asking you to change your password. Scammers are going to try slipping some fake email into your inbox as well.

The ironclad rule is to never click on an email link to change your password (or for any other in an unsolicited email). Always go to the site yourself and follow the directions I gave above.

Links in fake email will take you to malicious sites, or a page that looks like the legitimate site’s login page. If you put in your password, hackers will have full access to your real account. So, be careful.
information on two-thirds of the websites on the Internet for the last two years. Yes, it’s as bad as it sounds.

Why not sign up for my newsletter? We will never sell or sell your email address. Unsubscribe at any time by clicking the unsubscribe link at the bottom of the newsletter.

Email Newsletter icon, E-mail Newsletter icon, Email List icon, E-mail List icon Sign up for our Email Newsletter


For Email Marketing you can trust

Carl Thorne
Expert Computer Consulting