Computer News & Safety tips  – Harry Waldron MVP Rotating Header Image

HeartBleed – List of Major sites where passwords should be changed

A “zero day” attack for this Open SSL flaw has been undetected for two or more years.  The changing of static passwords at least annually is always a beneficial best practice. Some of the MAJOR impacted sites are listed below:

IMPACTED SITES YOU SHOULD SHOULD CHANGE PASSWORDS FOR: Yahoo, Flickr, Tumblr, Blogger/Blogspot, Dropbox, Facebook, Electronic Frontier Foundation, Etsy, Google, Imgur, Instagram, Netflix, Pinterest, Stack Overflow, Twitter, Wikipedia, Woot, and YouTube

SITES WITH STRONGER SECURITY AND NOT LIKELY IMPACTED INCLUDE: Amazon, AOL, Apple,, Bank of America, Bing, Buzzfeed, Capital One, Chase, CNET, Craigslist, eBay, ESPN, Evernote, GoDaddy, Hotmail, HSBC, Huffington Post, Intuit, LinkedIn,, Microsoft, Newegg, The New York Times, PayPal, Reddit, Salesforce, Target, TD Bank, Walmart, Wells Fargo and Zillow.

MAJOR SITES INITIALLY IMPACTED (While most sites have been fixed – if it was on initial list as vulnerable Passwords should be revised)

SITE TESTING LINK (many sites with special security controls may not allow test to work)


Comments are closed.