Skip Nav
Tech Tips
Here's How to Share Old Photos From Your Camera Roll on Snapchat
Geek Culture
Stop What You're Doing — NASA Just Released a New Pic of Jupiter!
Mark Hamill
Mark Hamill's Response to a Lightsaber Made For Him Only Confirms He's the Best

Heartbleed OpenSSL Bug

What to Do About the Heartbleed Security Bug

You've probably heard about the Heartbleed bug, an OpenSSL security vulnerability that exposes your communications and data to users. What's more frightening is that the bug lets attackers impersonate services and users — so you won't know if you've been compromised.

What should I do?

As Reddit user alienth points out, the best thing to do is avoid vulnerable sites altogether until the flaw is patched. Once it is fixed, change your username and password immediately. If you set up a new password before a bug fix, you'll expose yourself to attackers.

Which sites are affected?

Mashable has compiled a comprehensive list of compromised servers as well as updates on whether or not the bug has been "patched" or fixed. Only change your log-in credentials if there is a confirmed OpenSSL patch.

The password management software LastPass is also checking for patches at, which tells users when it's safe to take action.

You can also enter in a specific URL at

At the time of the Heartbleed bug discovery, over 500,000 sites were vulnerable. Yahoo, Tumblr, Google, and Microsoft are no longer at risk.

Early on Tuesday, this list of vulnerable sites, including OkCupid, 500px, and others, was published. Many of these sites have since patched the issue, but double-check with our test above.

What's OpenSSL?

The padlock in your browser bar means the data on that site is encrypted. The URL will probably start with "HTTPS" instead of "HTTP," indicating that the site is secure. When you log on to your Gmail or bank, for example, you should see this lock icon. The "SSL" part of OpenSSL stands for "Secure Sockets Layer," the line of defense between your computer and a server. If this sounds familiar, it's because Apple experienced a similar SSL security flaw earlier this year. OpenSSL is an open-source encryption software that over two-thirds of the web uses to protect their users.

Any questions? We're sure you have plenty, so leave us a comment below or tweet us at @POPSUGARTech.

Source: LastPass

Around The Web
Join The Conversation
Emoji Pool Floats
Nintendo's Shares Plummet After Revealing It Doesn't Make Pokémon Go
Selena Gomez Most "Liked" Instagram Photo Ever
Wonder Woman Trailer Reactions
What Is the Jogging Man Challenge?
Will iPhone 7 Come Without a Headphone Jack?
2016 AstroFest Photography Winners

POPSUGAR, the #1 independent media and technology company for women. Where more than 75 million women go for original, inspirational content that feeds their passions and interests.

From Our Partners
Latest Technology & Gadgets