DomainTools Reminder: Change Your Passwords

DomainTools sent a reminder to its customers today urging them to change their user password because of the Heartbleed bug that has the potential to impact a huge amount of websites. Here’s part of the message I received from DomainTools this afternoon:

“On Monday April 7th, news broke on the Heartbleed bug vulnerability in the OpenSSL cryptographic library and the risk to users’ accounts. This has widespread implications as OpenSSL is used by roughly two-thirds of all websites on the Internet and this vulnerability could expose a user’s login and password to hackers.

As soon as we learned of Heartbleed on Monday we started taking steps to remove the vulnerability. These steps started Monday night and have been completed. Now that new SSL certificates are installed on all of our services, all DomainTools users will be logged out and forced to change their passwords to ensure there is no lingering exposure to Heartbleed. This needs to be done to ensure the security of our users’ accounts and login credentials.”

Although DomainTools is the only domain industry company I’ve heard from urging a password change, I have spent the last couple of hours changing my passwords on as many websites as possible. I do not use the same password on different websites for security reasons, and I think it’s important that others use difficult passwords as well as two factor authentication where possible.

The good and bad thing is that this bug has the potential to impact millions of people so websites and companies are basically forced to take action to protect their customers. If you haven’t changed your passwords yet, now is the time to do it. From what I have been reading, this has the potential to be very bad, and many other websites  are urging people to make changes to their passwords immediately.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

2 COMMENTS

  1. Is it worth changing Passwords on websites until that website has patched a fix for this Heartbleed bug on their site?

    I mean, DomainTools has fixed the vulnerability, so a Password change now makes sense. But, if you change your Password on a site that has NOT fixed the vulnerability, then, presumably the new Password is just as vulnerable?

    • That;’s a good question.

      There are a couple of websites that allow you to test for heartbleed vulnerability, and if the websites you use are protected, I assume it would be time to change your passwords.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

Squadhelp Adds Escrow.com as a Payment Option

1
Squadhelp has added Escrow.com as a payment option for buyers. The addition of the Escrow.com option was shared by ARIYAS on X this morning: 👍...

Some Thoughts on .AI Domain Names

15
There is no question that .AI domain names have become a hot topic of late. With considerable amounts of venture funding flowing into AI...

Handoff to Dan on Imported Leads Can be Confusing

0
I've been using the lead import option at Dan.com more regularly. Although the 5% commission is not ideal, transactions tend to move more quickly...

ArtificialIntelligence.com Goes Up for Sale

11
I tried to buy the ArtificialIntelligence.com domain name multiple times over the last 10 years. The emails I sent to the registrant went unanswered,...

EU Gives More IP Protection to Food & Drink Producers

0
Did you know that some well-known food and drink varieties are protected intellectual property regulations? Popular types of drinks and foods that are protected...