Skip Nav
Gift Guide
31 Tech Gifts Under $25 For Mom That Will Make Her Life So Much Easier
Geek Culture
Grab Your Wands — Barnes & Noble Just Announced a Magical Harry Potter-Themed Holiday Ball
JK Rowling
The Story of Harry Potter's Invisibility Cloak May Be WAY Darker Than We Thought

Heartbleed OpenSSL Bug

What to Do About the Heartbleed Security Bug

You've probably heard about the Heartbleed bug, an OpenSSL security vulnerability that exposes your communications and data to users. What's more frightening is that the bug lets attackers impersonate services and users — so you won't know if you've been compromised.

What should I do?

As Reddit user alienth points out, the best thing to do is avoid vulnerable sites altogether until the flaw is patched. Once it is fixed, change your username and password immediately. If you set up a new password before a bug fix, you'll expose yourself to attackers.

Which sites are affected?

Mashable has compiled a comprehensive list of compromised servers as well as updates on whether or not the bug has been "patched" or fixed. Only change your log-in credentials if there is a confirmed OpenSSL patch.

The password management software LastPass is also checking for patches at, which tells users when it's safe to take action.

You can also enter in a specific URL at

At the time of the Heartbleed bug discovery, over 500,000 sites were vulnerable. Yahoo, Tumblr, Google, and Microsoft are no longer at risk.

Early on Tuesday, this list of vulnerable sites, including OkCupid, 500px, and others, was published. Many of these sites have since patched the issue, but double-check with our test above.

What's OpenSSL?

The padlock in your browser bar means the data on that site is encrypted. The URL will probably start with "HTTPS" instead of "HTTP," indicating that the site is secure. When you log on to your Gmail or bank, for example, you should see this lock icon. The "SSL" part of OpenSSL stands for "Secure Sockets Layer," the line of defense between your computer and a server. If this sounds familiar, it's because Apple experienced a similar SSL security flaw earlier this year. OpenSSL is an open-source encryption software that over two-thirds of the web uses to protect their users.

Any questions? We're sure you have plenty, so leave us a comment below or tweet us at @POPSUGARTech.

Source: LastPass

Around The Web
Join The Conversation
Most Popular Emoji on Instagram 2016
What Is Instagram Live Video?
How Can I Buy the Book From Apple?
What Is Lyft's Amp Device?
How Do I Spot Fake News on Facebook?
iPhone 7 Catches Fire
iPhone 6 and 6 Plus Touchscreen Problem

POPSUGAR, the #1 independent media and technology company for women. Where more than 75 million women go for original, inspirational content that feeds their passions and interests.

From Our Partners
Latest Technology & Gadgets
All the Latest From Ryan Reynolds