Aftereffects of Heartbleed: Have You Changed these Passwords?

Last week we wrote a blog about Heartbleed, the latest security bug that turned up around the world and caused global mayhem. The bug targeted the SSL encryption of web services that used OpenSSL, and this meant pretty much every major web service was affected. Moreover, security researchers subsequently found that this bug had been around for close to 2 years. And the origin of Heartbleed owed a lot to a simple mistake by a German research team.


While most of the web services have now fixed their SSL technology to combat this bug, it is imperative that all web users change their passwords immediately, if not already done so. Changing these passwords will ensure that potential security risks and password leaks are avoided before they actually happen.

Refer to the following list for sites for which it is recommended that you change your passwords at the earliest.

Sites Password to be changed Sites Password to be changed No Intuit (TurboTax) No
1Password No IRS No
Amazon No LastPass No
Amazon web services Yes LinkedIn No
American Express No Minecraft Yes
American Funds Yes Netflix Yes
AOL No OKCupid Yes
Bank of America No Pandora No
Barclays No PayPal No
Box Yes Pinterest Yes
Capital One No PNC No
Chase No Schwab No
Citigroup No Scottrade No
Dashlane No SoundCloud Yes
Dropbox Yes Instagram Yes
E*Trade No SpiderOak No
eBay No T. Rowe Price No
Etsy Yes TaxACT No
Evernote No TD Ameritrade No
Facebook Yes TD Bank No
Fidelity No Tumblr Yes
FileYour No Twitter Unclear
Flickr Yes U.S. Bank No
GitHub Yes USAA Yes
Gmail Yes Vanguard No
GoDaddy Yes Venmo Yes
Groupon No Wells Fargo No
H&R Block No Wikipedia Yes Yes WordPress Yes
Hotmail/Outlook No Wunderlist Yes
Hulu No Yahoo Mail Yes
IFTTT Yes YouTube Yes


If you are not using unique passwords for every online account you have and if you are not changing your passwords regularly, then trust us, this is the best time you should start doing so. Stay safe!


Rajiv Singha

Rajiv Singha

No Comments, Be The First!

Your email address will not be published.