Should I change my password?

Should I change my password?

The mainstream press is awash with advise and warnings about the latest vulnerability named the Heartbleed bug which affects SSL encryption on websites that use the OpenSSL cryptographic library.

Some articles tell you to change your password now while others tell you to wait.

So who is right? 

Unfortunately there is no straight answer to this question and it needs you to do a little investigation.

The first step is to use the following link https://lastpass.com/heartbleed to see if a website you use is vulnerable and if they have updated to the latest OpenSSL library that resolves the problem.

If the website was vulnerable and has been updated it's advisable that you change your password as soon as possible.

However if the website was vulnerable but has not yet updated to the latest OpenSSL library do not change any credentials yet, wait until the website has updated to the latest OpenSSL library.

You can read in detail about the vulnerability on the LastPass blog here http://blog.lastpass.com/2014/04/lastpass-and-heartbleed-bug.html