The Heartbleed Flaw: Best Practices for End Users
-
Upload
elastica-inc -
Category
Technology
-
view
439 -
download
3
description
Transcript of The Heartbleed Flaw: Best Practices for End Users
Zulfikar Ramzan, PhD, MITChief Technology OfficerElastica
Heartbleed Flaw: Best Practices for End Users
1
CHECK SITE SAFETY
Check any site where you enter confidential data that you don’t want to
share publicly
CHECK SITE SAFETY
https://filippo.io/Heartbleed/
1
2
UPDATE PASSWORD
If the site has implemented the Heartbleed patch, then log in and
change your password
2Image source: marc falardeau http://goo.gl/CsPgO4
If you change your password and the site hasn’t been patched, then you’re giving a hacker a
new password
3
GUIDELINES FOR PASSWORDS
Length | Complexity
3
LENGTH
Passwords should be at least 8 characters long
A strong password is 12-14 characters long
COMPLEXITY
Passwords should be a combination of letters, numbers, symbols, upper and lower case
4
HOW TO BEGIN
4
Email Provider: First, change the password for your main email provider. If your email password is compromised, other passwords can be easily accessed.
Critical services: Second, change the passwords for sites that store critical data like banks and financial institutions. Many institutions already have safeguards in place against fraudulent transactions.
Update software: A good practice is to update to the latest versions of software.
5
BEWARE
5
Don’t assume that your data is safe.
Beware of fraudulent mails offering instant patches.
Be vigilant, don’t let attackers take advantage of your nervousness.
Preferably avoid using outdated software as they are more vulnerable to threats.
Be aware of threats from data breaches, malwares and malicious software.
Thank you.