CONTINUE TO SITE »
or wait 15 seconds

Blog

Is your account info online safe from Heartbleed? There's a way to find out, and it's free

April 15, 2014 by Robert Siciliano — speaker, IDTheftSecurity.com

I'm sure you've heard the news about Heartbleed by now (unless you've been in vacation wonderland taking a tech break). This is a serious vulnerability at the core of the Internet and is something we all should be concerned about.

Heartbleed is a kink in encryption software discovered by security researchers. It's a vulnerability of OpenSSL and could affect nearly two-thirds of websites. If exploited, it can leak passwords and login names, thus putting information at risk.

McAfee, part of Intel Security, has responded to the Heartbleed vulnerability by releasing Heartbleed Checker, a free tool that can determine whether a website is safe, or whether your account information at a site might be subject to theft by hackers.

Simply open the checker page and enter the URL of the website you wish to know about. The McAfee Heartbleed Checker will determine whether the website is currently vulnerable to Heartbleed.

If the site is deemed safe, your next step is to change your password for that site. Remember, changing your password before a site is patched will not protect you and your information.

If the site is vulnerable, then your best bet is to monitor activity on that account frequently, watching for unauthorized activity.

Once the site has been patched and is no longer vulnerable to the Heartbleed bug, you should change your password, keeping three things in mind:

  1. Use strong passwords that include a combination of letters, numbers and symbols (if allowed; some websites won't accept passwords containing symbols) and that are more than eight characters in length — heck, the longer the better.
  2. Use a password manager. There are many to choose from, including McAfee SafeKey, which is included with McAfee LiveSafe. The service will help you create strong passwords and remember them for you, so you don't have to.
  3. Use two-factor authenticationfor increased security. You get a one-time code every time someone tries to log into the account, such as those for banks, social networks and email.

Heartbleed aside, passwords are more vulnerable than ever, and just in general, should be changed every 90 days for important accounts. And remember — if your information has been exposed, keep your eyes open for phishing scams.

A phishing scam is a ploy to trick you into revealing sensitive data — usernames, passwords, bank account information — often by emulating a familiar website.  If your information is compromised, even if it's just your email address, scammers can use it to try and get your other sensitive information.

In this day and age, we all need to be vigilant about protecting ourselves online. Stay safe!

Robert Siciliano is an online security expert to McAfee. He is the author of "99 Things You Wish You Knew Before Your Mobile was Hacked!" For Robert's free e-book text SECURE Your@emailaddress to 41124.

About Robert Siciliano

None

Connect with Robert:

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
Eurasian Bank selects Diebold Nixdorf's self-service software
First National Bank to open 30 branches
Romanian man arrested for alleged cash trapping ATM scheme
Replacing the ATM: Pros and cons of new vs. remanufactured
U.S. Bank resumes crypto custody services


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'