DomainTools Reminder: Change Your Passwords

DomainTools sent a reminder to its customers today urging them to change their user password because of the Heartbleed bug that has the potential to impact a huge amount of websites. Here’s part of the message I received from DomainTools this afternoon:

“On Monday April 7th, news broke on the Heartbleed bug vulnerability in the OpenSSL cryptographic library and the risk to users’ accounts. This has widespread implications as OpenSSL is used by roughly two-thirds of all websites on the Internet and this vulnerability could expose a user’s login and password to hackers.

As soon as we learned of Heartbleed on Monday we started taking steps to remove the vulnerability. These steps started Monday night and have been completed. Now that new SSL certificates are installed on all of our services, all DomainTools users will be logged out and forced to change their passwords to ensure there is no lingering exposure to Heartbleed. This needs to be done to ensure the security of our users’ accounts and login credentials.”

Although DomainTools is the only domain industry company I’ve heard from urging a password change, I have spent the last couple of hours changing my passwords on as many websites as possible. I do not use the same password on different websites for security reasons, and I think it’s important that others use difficult passwords as well as two factor authentication where possible.

The good and bad thing is that this bug has the potential to impact millions of people so websites and companies are basically forced to take action to protect their customers. If you haven’t changed your passwords yet, now is the time to do it. From what I have been reading, this has the potential to be very bad, and many other websites  are urging people to make changes to their passwords immediately.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn

2 COMMENTS

  1. Is it worth changing Passwords on websites until that website has patched a fix for this Heartbleed bug on their site?

    I mean, DomainTools has fixed the vulnerability, so a Password change now makes sense. But, if you change your Password on a site that has NOT fixed the vulnerability, then, presumably the new Password is just as vulnerable?

    • That;’s a good question.

      There are a couple of websites that allow you to test for heartbleed vulnerability, and if the websites you use are protected, I assume it would be time to change your passwords.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent Posts

Dan.com Closing Down on June 27

0
Dan.com was an innovative domain name sales platform that was acquired by GoDaddy in 2022. Dan innovated and brought the Lease to Own (LTO)...

Namecheap Outbound Transfer Email is Ideal

3
There are many reasons for why a domain registrant might transfer a domain name away from its current registrar. By the time the transfer...

Delete the Verification 3rd Nameserver

0
This morning, I received an email from Atom notifying me the nameservers for one of my domain names was not correctly set up. I...

Team Internet and CCI Partnership to Operate .CO ccTLD

0
According to a post on Team Internet's corporate LinkedIn page, the company has been awarded the contract to operate the .CO ccTLD registry in...

45.com Reportedly Acquired for $1.8 Million

0
According to a post on X linking to a press release on CoinDesk, the 45.com domain name has been reportedly acquired for $1.8 million. Lucky45...