top | item 8627221

(no title)

wfjackson | 11 years ago

>The need to change passwords arose in April, when the Heartbleed vulnerability was revealed. Heartbleed makes systems vulnerable to data theft since attackers can use it to gain access to systems and then proceed to access and steal information without leaving a trace.

>Even though our central IT systems are protected against Heartbleed, any accounts that have already been stolen still pose a security risk. Almost 20,000 members of the McGill community did change their McGill Password, but thousands more did not, and so additional actions have become necessary.

So, ff the people who got the passwords read this post then all they need to do is double the passwords they got with HeartBleed to gain access?

Perhaps they should quadruple the password? /s

discuss

pcthrowaway|11 years ago

The point isn't to make their system more secure, it's to annoy the users into changing their password.