Many of you have probably seen or a read a news story about Heartbleed. Here at M/A I take your security on the site seriously. As soon as the patch was released for the server software we run here it was applied to the M/A server. While the site shows no evidence of being compromised by this issue it is recommended that you change your password. Not just on M/A but on pretty much every site you visit. It is possible the issue is that pervasive.
I haven't read anything but headlines on this so pardon me if this question is naive. How would it help to change passwords now? Won't a new password be just as at risk as an old one or was this a one-time exploit that's already dead?
This exploit has been around for about 2 years. So in the event the password was grabbed from this site now that it has been patched changing the password would prevent it's possible use in the future due to the exploit. Also, if you use the same password on multiple sites, a bad idea) and if one of those sites has not been patched yet then the info can still be grabbed. Ideally you should never use the same password on two accounts that matter. Whoever is in charge of security at, say, HottestCheerleadersPlusCheapMedicineFromThailand.com (not an actual site I have visited) might not know how to protect against hacks, or might even dishonestly sell its user info to hackers. They could then blindly try the combos elsewhere.
I got these from NPR's Here and Now website. ‘Heartbleed’ Security Flaw Exposes Millions Of Passwords | Here & Now The “Heartbleed test†shows whether a website is currently vulnerable Test your server for Heartbleed (CVE-2014-0160) LastPass checks whether the website has been vulnerable in the past https://lastpass.com/heartbleed/
If you put M/A's URL into those tests they will fail to run properly due to the configuration used to thwart the DDOS attacks we had back in November and December.
Hmmm...Interesting. Because I was on that site last night, and picture of your car was on it. Maybe Dustin owns it?