By now you have most likely heard about the Heartbleed vulnerability. Simply put, up until a few days ago there was a bug in the software that secures most web sites. Even if you saw the little lock in the browser address bar your information, like user ids and passwords, could have been captured.#

If you are paying attention you most likely decided to change all your passwords, and you may have also most likely come to the realization that you have a bazillion passwords. The need for so many passwords is a real problem and Heartbleed exposes that problem. #

You should not use the same passwords for web sites that contain any sensitive information, yet if you are going to use say more than seven web sites, how is one to create and remember so many passwords? What I do for this problem is used an app called LastPass. #

LastPass generates strong passwords, passwords that are at least 12 characters long with random characters and stores them for me in an encrypted database. When I access one of my trusted computers, I log in to LastPass and when I need to access a web site I retrieve my user id and password from it. #

Another way that LastPass has helped me with Heartbleed is that it provides a tool to scan all the web sites for which I have passwords, checks to see when that site's SSL certificate was changed, compared it to when I last changed my password for that site, and then told me whether or not I need to update my password. Of course, this tools is only as useful as the number of web sites I use LastPass with, otherwise it doesn't know I used the site nor when I last changed my password. #

In an ideal world, there would be another way for us to secure access to web sites. It might combine something I know (like a password I memorize), with something I have that is embedded within the computing device I am using in a highly secured manner. This is known as multi-factor authentication, and is used by several web sites like Google, Facebook, Twitter, Evernote, and LastPass. Until then, utilizing a tool that generates strong passwords and using that tool is probably one of the best approaches that we can take.#

Here is a quick way to confirm that your browser is properly checking for server certificate revocation. Read this for why this matters.#

Brendan Shanahan Joins Leafs As President & Alternate Governor Shanahan moves from leading the NHL's player safety office, which hands out play penalties, to leading the Toronto Maple Leafs. It also means the Red Wings now face two teams in the east lead by former players. Steve Yzerman is the GM of the Tampa Bay Lightning.#

Steer breaks free from North Dakota slaughterhouse, ends up at Ann Arbor-area animal sanctuary.#

© 2015 Frank McPherson.
Last update: Fri, Jan 9, 2015 at 3:06 PM.
You should never argue with a crazy man.