Zulfikar Ramzan, PhD, MIT
Chief Technology Officer, Elastica

The Heartbleed Flaw: Best Practices for End Users

The Heartbleed flaw has led to considerable concern among end users regarding what they need to do next. In this presentation, Elastica CTO Dr. Zulfikar Ramzan provides guidance on what end users need to do to best safeguard their data.


1. CHECK SITE SAFETY

Check any site where you enter confidential data that you don’t want to share publicly

https://filippo.io/Heartbleed/

2. UPDATE PASSWORD

If the site has implemented the Heartbleed patch, then log in and change your password

If you change your password and the site hasn’t been patched, then you’re giving a hacker a new password

Image source: marc falardeau http://goo.gl/CsPgO4

3. GUIDELINES FOR PASSWORDS

Length | Complexity


LENGTH

Passwords should be at least 8 characters long

A strong password is 12-14 characters long

COMPLEXITY

Passwords should combine upper- and lower-case letters, numbers, and symbols

4. HOW TO BEGIN

Email Provider: First, change the password for your main email provider. If your email password is compromised, other passwords can be easily accessed.

Critical services: Second, change the passwords for sites that store critical data like banks and financial institutions. Many institutions already have safeguards in place against fraudulent transactions.

Update software: A good practice is to update to the latest versions of software.

5. BEWARE

Don’t assume that your data is safe.

Beware of fraudulent emails offering instant patches.

Be vigilant; don’t let attackers take advantage of your nervousness.

Avoid using outdated software where possible, as it is more vulnerable to threats.

Be aware of threats from data breaches, malware and other malicious software.


Thank you.