AbsolutePunk.net
   Username
Password
 
Share
05:12 AM on 04/12/14 
Offline
User Info.
weirderthanu210
Love me
weirderthanu210's Avatar
Long Island
Male - 21 Years Old
just updated a ton of my passwords and downloaded 1password. really great app.
06:34 AM on 04/12/14 
Offline
User Info.
digitalbybirth
Regular Member
digitalbybirth's Avatar
Saigon
Male - 32 Years Old
This may help you out. Just type in the site you're concerned about and it'll tell you it's security status and whether you need to change you password.

https://lastpass.com/heartbleed/
12:26 PM on 04/12/14 
Online
User Info.
Jason Tate
Jason Tate's Avatar
Portland, OR
Male - 31 Years Old
Staff Member


http://xkcd.com/1354/

A (good) explanation of how it works.
12:26 PM on 04/12/14 
Online
User Info.
Jason Tate
Jason Tate's Avatar
Portland, OR
Male - 31 Years Old
Staff Member
01:46 PM on 04/12/14 
Offline
User Info.
xapplexpiex
&.&
xapplexpiex's Avatar
Warren, MI
Male - 22 Years Old
I'm doing some research on Heartbleed now. I know very little about technology, but this 1password app I've been hearing about doesn't sound too great. If someone hacks that, like the Heartbleed hacked all those sites, then they'd get all my passwords at once.

I must be missing something here.
01:51 PM on 04/12/14 
Online
User Info.
Jason Tate
Jason Tate's Avatar
Portland, OR
Male - 31 Years Old
Staff Member
I'm doing some research on Heartbleed now. I know very little about technology, but this 1password app I've been hearing about doesn't sound too great. If someone hacks that, like the Heartbleed hacked all those sites, then they'd get all my passwords at once.

I must be missing something here.
If someone can hack 1Password's AES-256 cryptography -- we have a much, MUCH, larger problem. Having unique, long, strong, passwords for each login (where the point of attack will usually happen) is much more secure.

There's a big difference between what Heartbleed is (an OpenSSL bug) and a coordinated "hack."
02:02 PM on 04/12/14 
Offline
User Info.
xapplexpiex
&.&
xapplexpiex's Avatar
Warren, MI
Male - 22 Years Old
If someone can hack 1Password's AES-256 cryptography -- we have a much, MUCH, larger problem. Having unique, long, strong, passwords for each login (where the point of attack will usually happen) is much more secure.

There's a big difference between what Heartbleed is (an OpenSSL bug) and a coordinated "hack."
Ok, thanks. That makes sense.
04:26 PM on 04/12/14 
Offline
User Info.
eriatarka24
*
eriatarka24's Avatar
CNET: Check which sites have been patched
http://www.cnet.com/how-to/which-sit...eartbleed-bug/

How to tell if your Android device is vulnerable to Heartbleed
http://www.cnet.com/how-to/how-to-te...to-heartbleed/
04:42 PM on 04/12/14 
Online
User Info.
Jason Tate
Jason Tate's Avatar
Portland, OR
Male - 31 Years Old
Staff Member
More reading:

Test the strength of your password: http://rumkin.com/tools/password/passchk.php

And a primer on good passwords.

05:36 PM on 04/12/14 
Online
User Info.
Ryan Dennehy
______________
Ryan Dennehy's Avatar
Connecticut
Male - 21 Years Old
Staff Member
Just picked up 1Password. Even if I'm not overly concerned about Heartbleed because I have very little damage that can be done to me, I figure the $9 now is worth it for when I actually have important things to guard.
05:52 PM on 04/12/14 
Offline
User Info.
richter915
@Richter915
richter915's Avatar
Male - 27 Years Old
most banks seem to be safe and gmail seems ok as well. I think it'll be ok.

the cause of the "bug" is hilarious though...not so much a bug as it is just bad code.
09:01 PM on 04/12/14 
Offline
User Info.
lp670sv
Go Sabres
lp670sv's Avatar
Buffalo, NY
Male - 22 Years Old
most banks seem to be safe and gmail seems ok as well. I think it'll be ok.

the cause of the "bug" is hilarious though...not so much a bug as it is just bad code.
That's the definition of a bug.
09:14 PM on 04/12/14 
Online
User Info.
Jason Tate
Jason Tate's Avatar
Portland, OR
Male - 31 Years Old
Staff Member
most banks seem to be safe and gmail seems ok as well. I think it'll be ok.

the cause of the "bug" is hilarious though...not so much a bug as it is just bad code.
Google was affected.
09:15 PM on 04/12/14 
Online
User Info.
Jason Tate
Jason Tate's Avatar
Portland, OR
Male - 31 Years Old
Staff Member
Just picked up 1Password. Even if I'm not overly concerned about Heartbleed because I have very little damage that can be done to me, I figure the $9 now is worth it for when I actually have important things to guard.
Great call IMO. Good security practices and good backup are two things I think are worth starting early.
11:39 PM on 04/12/14 
Online
User Info.
codeseven
fucked tortured and discarded
codeseven's Avatar
Raleigh, NC
Male - 26 Years Old
I'd be very weary having something like 1Password on my machine. Especially for the common user who probably has gone and downloaded that MP3 file they really wanted and wasn't aware that binded to it was a virus/trojan that allows a malicious user to remote in and do whatever the hell they want. Tools like that are so easy to use these days, a complete noob to computers could read one of the many guides on the net about it and be up and running and have 10+ "slaves" in a few hours.

In my opinion, (1) go here and keep hitting refresh until you see a string that looks easy to remember, then (2) stop checking that "keep me signed in" button so you are forced to keep manually typing in your password(s) so you come to remember them. It really is very simple just using your brain to manage your passwords. And when it comes to convenience over security, it's an obvious answer to me which one is more important.



NEWS, MUSIC & MORE
Search News
Release Dates
Exclusives
Best New Music
Articles
CONNECT
Submit News
Forums
Contests
Mobile Version
AP.net Logos
HIDDEN TREASURES
AbsolutePunk Podcast
Free Music
Sports Forum
Technology Forum
Recommendations
INFORMATION
Advertising
Contact Us
Copyright Policy
Terms of Service
Privacy Policy
FOLLOW
Twitter | Facebook | RSS
PropertyOfZack
PunkNews.org
UnderTheGun
Chorus.fm