You may be aware of reports in the media of a very serious vulnerability that compromises the security of secure websites potentially leaking passwords and other sensitive information into the wrong hands.
All of our secure website and web application hosting servers at sfG Software use Microsoft’s IIS web server technology which does not use the OpenSSL software and has therefore never been under any threat from the ‘Heartbleed’ bug. As a result, all of our website and web application hosting customers will not be affected by this and need take no action.
Changing passwords regularly and using a different one for every website is always recommended but often not put into practice. In the light of the ‘Heartbleed’ bug there are a few more things to consider while affected services apply the required patches. Here are a few quick password tips:
- Changing your password on a third party website that is still not protected from ‘Heartbleed’ could put you at more risk – you may be better to wait until it is patched. If in doubt, contact the website for advice.
- If you have used the same password on an affected website as you do on an sfG hosted website then you should change the sfG password now.
- As sfG hosted websites and services have never been vulnerable you are safe to change passwords on these at any time.
For more detailed information and advice on Heartbleed and OpenSSL, follow the links below: