As you may know, there has been considerable news coverage this week for a security vulnerability called Heartbleed. This vulnerability affects certain versions of security software called OpenSSL. OpenSSL is used by some sites for providing secure web pages.
The networking team has checked all of the CU servers that are running OpenSSL. None of them are running versions of OpenSSL that are vulnerable. So, you do not need to worry that your CedarNet password might have been compromised because of this vulnerability. Since your CedarNet password is also your University email password, your University Google account is safe as well.
Other Passwords – Action Recommended
What should you do about other sites like Facebook, Twitter, banking, personal Google accounts, etc.? Information technology recommends that you check out this site for a current list of major services and their vulnerability: Heartbleed Websites Affected . If a site has had a known vulnerability and you have significant personal information stored on that site, it would be wise to change your password on that site.
General Password Advice
- Use strong passwords (longer, with a combination of letters/numbers/special characters) on those sites that would put you at significant risk in the event of a security problem.
- IT recommends that you use different passwords for different sites, and never use your CedarNet password as a password on another site.
Posted in: TechAlert