DomainTools Reminder: Change Your Passwords

DomainTools sent a reminder to its customers today urging them to change their user password because of the Heartbleed bug that has the potential to impact a huge amount of websites. Here’s part of the message I received from DomainTools this afternoon:

“On Monday April 7th, news broke on the Heartbleed bug vulnerability in the OpenSSL cryptographic library and the risk to users’ accounts. This has widespread implications as OpenSSL is used by roughly two-thirds of all websites on the Internet and this vulnerability could expose a user’s login and password to hackers.

As soon as we learned of Heartbleed on Monday we started taking steps to remove the vulnerability. These steps started Monday night and have been completed. Now that new SSL certificates are installed on all of our services, all DomainTools users will be logged out and forced to change their passwords to ensure there is no lingering exposure to Heartbleed. This needs to be done to ensure the security of our users’ accounts and login credentials.”

Although DomainTools is the only domain industry company I’ve heard from urging a password change, I have spent the last couple of hours changing my passwords on as many websites as possible. I do not use the same password on different websites for security reasons, and I think it’s important that others use difficult passwords as well as two factor authentication where possible.

The good and bad thing is that this bug has the potential to impact millions of people so websites and companies are basically forced to take action to protect their customers. If you haven’t changed your passwords yet, now is the time to do it. From what I have been reading, this has the potential to be very bad, and many other websites  are urging people to make changes to their passwords immediately.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

2 COMMENTS

  1. Is it worth changing Passwords on websites until that website has patched a fix for this Heartbleed bug on their site?

    I mean, DomainTools has fixed the vulnerability, so a Password change now makes sense. But, if you change your Password on a site that has NOT fixed the vulnerability, then, presumably the new Password is just as vulnerable?

    • That;’s a good question.

      There are a couple of websites that allow you to test for heartbleed vulnerability, and if the websites you use are protected, I assume it would be time to change your passwords.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

The Price Will Increase or the Domain Name Will be Sold

2
At our town's annual meeting, there was a discussion about paving a secondary road. The non-critical infrastructure project was needed to be done at...

Diamond.com Sold via Saw.com for 7 Figures

2
A little over a week ago, I came across Diamond.com, and I noticed its coming soon page. When I scrolled down, I saw a...

I Would Love to Go Back in Time

1
NameBio does a very good job of tracking down and reporting domain name auction results. Domain investors aren't the only people who use NameBio...

Dynadot Now Allowing Imported Leads

4
Domain investors have another option to transact domain name sales. Dynadot Founder and CEO Todd Han announced that Dynadot customers can now import their...

Challenge of Buying a Domain Name from a Big Company

1
There are many large companies that own domain names that aren't being used. This can be due to corporate acquisitions and mergers, killed products...