Protect Your Credit  |  Protect Your Login Info  |  Invest for Retirement  |  Investment Resources

As has been said by one well-known anti-hacker: “The only secure password is the one you can’t remember!“

In January 2019, the largest breach ever announced was one of over 750 million accounts where logins and passwords were made available to hackers on the internet. You should check to see if your email is included via Troy Hunt’s haveibeenpwned.com

Reading this linked article (troyhunt.com) should motivate you enough to change your login passwords to be UNIQUE FOR EVERY SITE you log into.  See below.

In Fall 2017, it is almost a guarantee that your private credit info was exposed in the recent Equifax breach.

In 2016, it was reported that over 3 billion Yahoo, Tumblr, and Flickr accounts were hacked.

In Spring 2014, the”Heartbleed Bug” became known in mid-spring 2014. In summary, with all of the hacks that have taken place since, you should change ALL of your online passwords AND never (never, never, never, never, ever) use the same password for more than one login. 

Each login should have a UNIQUE, random, complex password.  If you can remember the password, you need a new password.

Look at the following links which also helped me understand the issue and develop a strategy for proceeding to change passwords. I recommend you use a password manager to do this.

Remember: you need to change ALL of the passwords they recommend you change – along with many more that aren’t in this list!

I have used LastPass and 1password, among others.  These two are very good password managers that will actually help identify if (a) your password is weak, (b) if you’re password has been found in a hack, and (c) if you have used a password more than once.

Having a password manager creates a UNIQUE password for each site you are registered with. NEVER use the same password on more than one site! Some password managers will even help you change the password INSIDE the web page you are logging into or registering through the password manager.  Using a top-level password manager (like http://1password.com) also integrates with the haveibeenpwned site to let you know if any of your emails or passwords are in a hacked dataset.

Watch the “how to” videos on whatever manager you choose!

The following links give you some good background information on the 2014 Heartbleed issue AND the outline the tools and processes available for you to change all of your passwords IMMEDIATELY!

1. What sites are affected by heartbleed?
2. LastPass tells you which passwords are affected by Heartbleed
3. List of good password managers
4. Heartbleed affected passwords
5. How passwords are cracked and what to not use
6. Get organized: How to change all your passwords in 5 weeks (You’ll want to do much of this ASAP!!! and not wait 5 weeks) but this is a very good process to read about.

I’ve included an excel file based on the mashable link so that you can use to help identify sites you use and keep track of changes as you make them.  Click here: Hearbleed Sites Affected (Excel Spreadsheet)