The password storing service is safe, developers say
A lot of online products out there are threatened by the Heartbleed vulnerability affecting OpenSSL, but Intuitive Password is not one of them.Intuitive Password is a service that offers a cross platform solution for those who want to save a lot of user information in the same place. For instance, you can keep a record of the passwords you use for certain services, but also banking information and more in a secure location.
With Heartbleed unveiled earlier this week and companies such as Google, Yahoo and Facebook being affected, smaller services are feared that are even more probable to be hit.
Intuitive Password, however, is letting users know that the service continues to be secure.
“We wanted to first let you know that Intuitive Password was NOT exposed to the Heartbleed vulnerability found in the OpenSSL security protocols. The information you store in Intuitive Password is 100% safe, and you do not need to change your Intuitive Password login password, master password and security answer,” reads a message sent out by the company in an effort to reassure users.
In addition, the devs over at Intuitive Password are reminding everyone of how important it is to have a different password for each account and to pick a difficult one that includes many characters, mixes in lower and upper case, as well as numbers and symbols.
Conveniently, the service also offers some options to randomly generate strong passwords, not only to store the ones you managed to come up with.
This is particularly good new to anyone trusting their passwords with this service. Given the fact that so many services have advised users to change their login information, you may also want to update the information on your account.
The Heartbleed bug affects OpenSSL, an open source library used for encryption purposes by about two thirds of the world’s websites. This let hackers get access to whatever data was flowing through a certain server at a given time.
Since attacks leave no tracks on said servers, it is impossible to know just how many times the vulnerability was exploited or if it did any real damage. An update has been rolled out for Open SSL, but the malleability has been around for two years already.
While many suspected that this was done on purpose, the developer who is responsible for Heartbleed says this was only a programming error.