As a follow-up to this week's announcement about the Heartbleed Bug, ITS has been researching and gathering
information around the bug's impact on the security of WCMC staff and information systems.
How will
this affect you?
We are continuing the monitor the situation, but at this time, it appears that the
impact on WCMC systems has been small. Therefore, we are not requiring that WCMC users change their main password
(the password used with your CWID for most systems). However, it is considered a best practice to change passwords
regularly, so we are recommending that you do so at mypassword.med.cornell.edu.
As always, we recommend that
you create a strong
password, never share your password with anyone else, and use this password for your WCMC account only.
We also recommend that you review the following links that provide information on other systems and sites not
supported by ITS that you may use for personal business:
- Heartbleed bug: Check which sites have been patched (CNET)
- The Heartbleed Hit List: The Passwords You Need to Change Right Now (Mashable)
What do you need to do?
You should change your password if you have not done so in a while
on any of your accounts. For sites that are not supported by ITS, you should verify that the company has patched its
software before changing your password so that your new password is not compromised.
ITS will continue to
provide updates on this issue as more information is gathered and analyzed.