Many internet users have found themselves confused and perturbed in the aftermath of the Heartbleed vulnerability revelations.
Sensationalist front-page news reports have screamed at people to change ALL their online passwords, warning of terrifying consequences for those who fail to do so. Meanwhile other experts have told people to do quite the opposite and recommended holding off on doing so for a while for fear of new passwords potentially becoming accessible to hackers and cyber criminals. Here at BestVPN, we ourselves reported on these recommendations here.
Now, the Mashable website has produced a “hit list” of sites where they recommend an immediate password change. This includes some very big names such as Facebook and Google.
What’s surprising here is that the sites themselves have, so far, done very little to encourage password changes. Here’s an example: Mashable contacted Facebook who said the following:
We haven’t detected any signs of suspicious account activity, but we encourage people to … set up a unique password.
Given that that is their official line on the matter, it seems surprising (and a little worrying) that they haven’t forced a password change yet, or indeed published any information that the average non-technical Facebook user would have seen.
Some sites have, admittedly, been more proactive. SoundCloud announced via a banner that logged on users would be automatically signed out and forced to change their password. However, other key sites have remained quiet, despite telling Mashable that they do recommend password changes.
Mashable’s full list of recommended password changes is available here, but we’ll leave you with a list of the key sites on which they recommend you change your credentials. We’d be extremely surprised if you’re not affected by at least one of these!
Even with just the seven companies above in mind, it’s clear that we’re entering a scary time for Internet security. Millions of people will undoubtedly need to devote time to password changes in the coming days.