DomainTools Reminder: Change Your Passwords

DomainTools sent a reminder to its customers today urging them to change their user password because of the Heartbleed bug that has the potential to impact a huge amount of websites. Here’s part of the message I received from DomainTools this afternoon:

“On Monday April 7th, news broke on the Heartbleed bug vulnerability in the OpenSSL cryptographic library and the risk to users’ accounts. This has widespread implications as OpenSSL is used by roughly two-thirds of all websites on the Internet and this vulnerability could expose a user’s login and password to hackers.

As soon as we learned of Heartbleed on Monday we started taking steps to remove the vulnerability. These steps started Monday night and have been completed. Now that new SSL certificates are installed on all of our services, all DomainTools users will be logged out and forced to change their passwords to ensure there is no lingering exposure to Heartbleed. This needs to be done to ensure the security of our users’ accounts and login credentials.”

Although DomainTools is the only domain industry company I’ve heard from urging a password change, I have spent the last couple of hours changing my passwords on as many websites as possible. I do not use the same password on different websites for security reasons, and I think it’s important that others use difficult passwords as well as two factor authentication where possible.

The good and bad thing is that this bug has the potential to impact millions of people so websites and companies are basically forced to take action to protect their customers. If you haven’t changed your passwords yet, now is the time to do it. From what I have been reading, this has the potential to be very bad, and many other websites  are urging people to make changes to their passwords immediately.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. Is it worth changing Passwords on websites until that website has patched a fix for this Heartbleed bug on their site?

    I mean, DomainTools has fixed the vulnerability, so a Password change now makes sense. But, if you change your Password on a site that has NOT fixed the vulnerability, then, presumably the new Password is just as vulnerable?

    • That;’s a good question.

      There are a couple of websites that allow you to test for heartbleed vulnerability, and if the websites you use are protected, I assume it would be time to change your passwords.


Please enter your comment!
Please enter your name here

Recent Posts

Longest and Shortest Billboard Domain Names

I spent Father's Day weekend at our son's soccer tournament in the middle of New Jersey. It was a 6 hour drive, but it...

Rookie Mistake: Reading Expiry Lists at Breakfast

Every morning, as early as I am awake, I look through domain name expiry lists to see what is coming up for auction. I'll...

GoDaddy Auctions Running NameFind Auctions

GoDaddy is running a featured auction via its GoDaddy Auctions platform with domain names from its NameFind portfolio. While I would argue the domain...

Spaceship Hits 1 Million DUM – Only 13% of New Registrations are .com

Earlier this morning, Richard Kirkendall shared that Spaceship hit the 1 million Domains Under Management (DUM) mark. Richard is the Founder of Namecheap and...

Converse.CO UDRP Decision Turns on Price Inference

In general, I thought UDRP panels have gotten past the issue of pricing as it relates to generic / descriptive one word domain names....