I've a dozen email accounts, probably a hundred websites and forum accounts and I don't want to go about changing all the passwords.
Do I need to change the password of websites that I seldom logon - or the logon is "saved" in the browser cookie?
Asked
Active
Viewed 104 times
2 Answers
2
Ultimately its your call, however yes, you should change all your passwords ONCE YOU KNOW THE PROVIDER HAS UPGRADED THEIR AFFECTED SYSTEMS (or if you know they are not affected but have used the same password in multiple locations).
Unfortunately Heartbleed allows a bad player to get unencrypted usernames and passwords which are in memory on a compromised system. Having the passwords stored in your browser (but not used) is probably not an issue though.
Although this vulnerability has only been common knowledge for days, it is possible that the system has been compromised by sophisticated players (think NSA) for up to 2 years - so another component to the question is "how worried are you about government agencies being able to continue to access your details through these systems".
I grant you that what I am saying is probably paranoid. Unfortunately Edward Snowden has shown they are actually watching us !!
davidgo
- 73,366
1
Two things to consider on those sites: does the site have your credit card information or other important data stored? If so, be cautious and change it. If you have used that same username and password on other sites where you have important data, you would also want to change it.
Joel
- 121