A DUNSBOROUGH computer security researcher has called on all internet users to change their passwords in the wake of a major security flaw last week.
Security researcher Alex Dolan said the flaw dubbed Heartbleed impacted about two thirds of the internet.
Accounts such Google, Facebook, Twitter and Yahoo are just a few that were vulnerable to the flaw.
“The nature of Heartbleed involves an attacker sending specially crafted input to a web server (email login, for example) and being able to retrieve parts of the private code that make it secure,” Mr Dolan said.
“With the code that the attacker retrieves from these servers, they can read all the private data, including passwords and any other information sent over the internet.”
Not only was a widespread of the internet insecure from this flaw but information was from vulnerable dating back two years.
“Every provider running this version of software from May 2012 to of April 8, 2014 is potentially insecure,” Mr Dolan said.
The top 1000 most popular websites were deemed vulnerable and with the popularity of the problem the big providers were onto it straight away.
“Big providers have already fixed it only hours after they were notified, some companies will never fix it,” Mr Dolan said.
Because people cannot tell whether or not they have been hacked from attackers using the flaw or from future risks, the key is to change your passwords Mr Dolan said.
“People should always play on the safe side with their information security,” he said. “You should never use the same password twice and keep an eye out for suspicious emails in the coming weeks,
“Scammers will use this Heartbleed event to try to leverage password reset emails from users, so be careful.”
Mr Dolan recommended people change their passwords every three months and “never” recycle them.
There are safe ways for people to have different passwords and remember them through password manager sites.
Mr Dolan recommended two; 1password and LastPass.
The sites store your passwords and allow you to access them with a master password to keep out hackers.
For more information you can visit staysmartonline.gov.au