DomainTools Reminder: Change Your Passwords

DomainTools sent a reminder to its customers today urging them to change their user password because of the Heartbleed bug that has the potential to impact a huge amount of websites. Here’s part of the message I received from DomainTools this afternoon:

“On Monday April 7th, news broke on the Heartbleed bug vulnerability in the OpenSSL cryptographic library and the risk to users’ accounts. This has widespread implications as OpenSSL is used by roughly two-thirds of all websites on the Internet and this vulnerability could expose a user’s login and password to hackers.

As soon as we learned of Heartbleed on Monday we started taking steps to remove the vulnerability. These steps started Monday night and have been completed. Now that new SSL certificates are installed on all of our services, all DomainTools users will be logged out and forced to change their passwords to ensure there is no lingering exposure to Heartbleed. This needs to be done to ensure the security of our users’ accounts and login credentials.”

Although DomainTools is the only domain industry company I’ve heard from urging a password change, I have spent the last couple of hours changing my passwords on as many websites as possible. I do not use the same password on different websites for security reasons, and I think it’s important that others use difficult passwords as well as two factor authentication where possible.

The good and bad thing is that this bug has the potential to impact millions of people so websites and companies are basically forced to take action to protect their customers. If you haven’t changed your passwords yet, now is the time to do it. From what I have been reading, this has the potential to be very bad, and many other websites  are urging people to make changes to their passwords immediately.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. Is it worth changing Passwords on websites until that website has patched a fix for this Heartbleed bug on their site?

    I mean, DomainTools has fixed the vulnerability, so a Password change now makes sense. But, if you change your Password on a site that has NOT fixed the vulnerability, then, presumably the new Password is just as vulnerable?

    • That;’s a good question.

      There are a couple of websites that allow you to test for heartbleed vulnerability, and if the websites you use are protected, I assume it would be time to change your passwords.

Leave a Reply

Recent Posts Acquired for More than $10 Million

Last week, Hilco Digital's Andrew Miller shared that he and Larry Fischer brokered the sale of the domain name. Andrew mentioned that it...

Hilco Digital Assets Announces $10m Investment in Squadhelp

Squadhelp has become a leading brand naming marketplace, connecting business owners and entrepreneurs with domain names listed for sales on its platform. Led by...

Questions Related to Uni —> Afternic Parking Migration

If you are a Uniregistry customer, you most likely received an email explaining the upcoming migration of the Uniregistry Market and parking platform to...

Some Uni-Registered New gTLDs Will be Transferred to 1API

I received an email from Uni (formerly Uniregistry) that I initially thought was a Whois verification email and almost ignored. It was, in fact,...

Advice and Resources for a Newbie Domain Investor

Someone reached out to me on Twitter seeking advice for selling domain names. In a short tweet thread, I shared a few thoughts and...