The Heartbleed bug, as it has become known, is a weakness in the encryption protocol in OpenSSL—which can expose vast amounts of data including: account usernames and passwords, system information, and more. This bug affects Web servers running OpenSSL—and has been around since the launch of OpenSSL v1.0.1 in March 2012.
Information Technology Services at the University of Hawaii at Manoa has confirmed that this bug affected UH servers running OpenSSL. The full release is available on the ITS Web site: http://www.hawaii.edu/askus/1574.
Additional suggestions for password security are as follows:
- Use unique passwords for all of your accounts online.
- Use secure passwords consisting of upper and lower case letters, numbers, and special characters
- Change your passwords periodically to insure security
Please contact the Media Center for further assistance at: firstname.lastname@example.org .