Loyola U. Chicago Computer Science News

Apr 09 2014 gkthiruvathukal

Heartbleed/OpenSSL Security Flaw: Act Now!

As has been widely reported, there is a major security flaw associated with OpenSSL that affects a significant number of services that rely upon it, including many well-established Internet properties.

This is a good time to reset your passwords everywhere (university, work, and personal). Speaking from my own experience, I have been moving to password vaults such as LastPass, 1password, Dashlane, which all support an additional layer of security (an envelope, if you will) around the data stored in the vault. I will stop short of prescribing any one solution and leave this decision to you. A key reason you would want to use one of these services is that they provide you with support for random-password generation (of arbitrarily long passwords) and can even support different generation schemes to comply with different password requirements.

This is a good time to also start learning about two-factor authentication, which is provided by many of the good Internet companies. Users of Google, for example, have been armored with this extra layer of protection for years, provided you enable it. 

Should you have any questions, please contact Dr. Thiruvathukal or Mr. Miao Ye. We’ll be happy to assist you.

In short, now is the time to act. Don’t get hacked!

Regards,
George K. Thiruvathukal
Professor and Computing Director, Computer Science

  /  

Page 1 of 1