[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: please consider changing your passwords on any Internet account you might hold FW: Heartbleed Follow-up

To: http://www.state.vt.us/~Flora. (Flora E ), http://profiles.yahoo.com/Flora (Flora E ), http://www.gmail.com/~flora (Flora E )
Subject: Re: please consider changing your passwords on any Internet account you might hold FW: Heartbleed Follow-up
From: http://dummy.us.eu.org/robert (Robert)
Date: Thu, 10 Apr 2014 12:23:07 -0700
Cc: http://dummy.us.eu.org/noelleg
Keywords: spf, ifile: nonspam -55978.62838793 downloaded -57137.48637390 spam -57854.44763041 ---------

Umm, this is a bit silly if you ask me.

There is absolutely no need to change your gmail account password (unless
it's the same as another account's password -- this is a practice which
you should give up in general).

You should go through the list to only change passwords for which the web
site had the problem in the first place; the others can be ignored.

Regardless, the entire possibility of your password and/or account name
being compromised is completely probabilistic; your password would have to
happened to have been in a 64KB block in the server at some point and the
intruder would have to have grabbed that 64KB at the right time.  So, if
you haven't visited the web site in months, there's almost definitely no
need to change your password there.  Even if you visited the site more
than 3 days ago, it's unlikely to still have your information in it, and
also unlikely for the thieves to both copy all data going to that web site
and have the wherewithal to recreate your entire session to recover your
information.

 > From: ", Flora" <http://www.state.vt.us/~Flora.>
 > Date: Thu, 10 Apr 2014 18:54:03 +0000
 >
 > Just got the below email: please consider changing your passwords on any 
 > Internet account you might hold.
 > 
 > From: Bates, Karen L
 > Sent: Thursday, April 10, 2014 2:50 PM
 > To: DPS - Everyone
 > Subject: Heartbleed Follow-up
 > 
 > Everyone,
 > 
 > Earlier today I sent out an email regarding Heartbleed and its potential effect 
 > on you at home and work.
 > 
 > I would like to now encourage you to take the time and very seriously consider 
 > changing your passwords for any Internet account you may hold.
 > 
 > If you are like most folks, you have a tendency to use the same password at 
 > different websites.  If one website you've visited has been compromised, your 
 > password is out there.  Someone with bad intentions could potentially use that 
 > password to gain access to another web account using your stolen credentials.  
 > Simply because a website hasn't been compromised, does not mean that it is 
 > invulnerable.
 > 
 > Here is an updated list of sites affected by the Heartbleed vulnerability - 
 > again, please consider changing your passwords on any Internet account you 
 > might hold.

Follow-Ups:
- RE: please consider changing your passwords on any Internet account you might hold FW: Heartbleed Follow-up
  - From: , Flora

Prev by Date: RE: summer internships
Next by Date: Re: more to please consider changing your passwords on any Internet account you might hold FW: Heartbleed Follow-up
Previous by thread: RE: Change your passwords RE: Heartbleed Bug
Next by thread: RE: please consider changing your passwords on any Internet account you might hold FW: Heartbleed Follow-up
Index(es):
- Date
- Thread