Wednesday, April 16, 2014

Todo Cloud - Protected from Heartbleed

Quick Summary:
We take the security of your data seriously and I just wanted start out by letting you know that all of Appigo's and Todo Cloud's servers have been updated against the Heartbleed Bug.  We've been monitoring everything since the update last week and the service looks great.

Your actions:
If you are a Todo Cloud subscriber we recommend you login and change your password.  To change your password click here, mouse over the password field and click "Edit".  You will also need to enter this password in the Todo and Todo Cloud apps in order to keep them syncing.  We are not aware of any problems with any accounts but it's worth your time in case a password from any of the sites you frequent has been compromised.

You should also change passwords on all other sites you visit but you'll want to verify those sites have taken steps to update and protect you before you change your password.  To check your site you can click here and enter the web address to verify it's ready.  If you change your password before a site has been updated then your account is still vulnerable to potential bad guys.

What is the Heartbleed Bug?
The Heartbleed Bug is a vulnerability (a bug) found in OpenSSL which is used by most websites on the internet to provide the "S" in HTTPS (or the lock icon in your browser).  The bug allows bad guys to thwart the encryption used to secure traffic, names, and passwords of users and the content on websites.  If you want more information on Heartbleed there is some great reading to be had on the heartbleed.com website.


2 comments:

  1. Thank you for sending the email with the automatic link - that is excellent customer service.

    ReplyDelete
  2. If you didn't require us to store our to-do lists on "The Cloud™" whether there was a legitimate reason to do so or not, this wouldn't be nearly as much of a problem.

    No matter what your program is or what it does, all Cloud™ "services" should be optional, NOT mandatory, and deactivated by default at that.

    ReplyDelete