Protecting Yourself From Heartbleed - Live Like a Mensch
Welcome to Dollar Stretcher Community Sign in | Join | Help
in Search

Live Like a Mensch

Protecting Yourself From Heartbleed


By now, you've no doubt heard of the latest sign of the computer apocalypse, the Heartbleed Virus Bug. Not only does this virus make your secure information on various websites vulnerable, it will also step out of your computer with brandishing an 8-bit sword (a la the creepy little girl in The Ring) and stalk through your house wreaking havoc. At least, that's the level of panic that various news sites have indicated is appropriate for this virus.

Despite my blase attitude, I am taking the opportunity to change all of my passwords.

I have recently perfected my password strategy in a way that makes me feel as though my passwords are both secure and memorable (although we'll see on both counts). Since the modern world requires us to password protect EVERYTHING, each with a different password, wherein each password has a minimum of 8 characters, three of which have to be symbols like the one Prince changed his name to, etc, it can be difficult to feel as though you really have a handle on your passwording.

I have the solution!

First, start with a sentence that means something to you. For instance, you might write:

I look to Live Like a Mensch for all my advice.


If loving Game of Thrones is wrong, I don't want to be right.

Then, use the initial letters for each word, substituting at least one with a number or symbol, like so:




You now have a random string of characters that will be unbreakable by a hacker but actually means something to you. You can even write down the original sentence somewhere (my suggestion is on a date in your date book that means something to you but that isn't your birthday) and know that even if someone finds the sentence, they still won't be able to come up with your password.

Of course, we're not done yet. Because you have to go through these shenanigans with EVERY. SINGLE. WEBSITE. you associate with, many people just reuse the same password for everything. (Not you, of course. People do. People who shall remain unnamed).

You can protect yourself without making yourself crazy remembering (or writing down) 150 different passwords. Start adding letters that identify the website the password is for into your password. For instance, if the Game of Thrones password from above is the one you use for everything (and don't worry, I won't tell), you could make it different for each site by simply adding letters at the end:

For Pinterest:


For Amazon:


For Gmail:


And so on.

Now you have uncrackable passwords that you can actually remember!

So, have some fun changing your passwords until the next computer security apocalypse arrives.



haverwench said:

One problem: not only do you have to have a different password for each site, but you also have to change the passwords for many sites on a regular basis. So you'll have to pick a NEW sentence that means something to you and construct a NEW set of passwords—and then you'll have to remember that you're now using the new set and not the old set. And since not all sites require password changes on the same schedule, you'll have to remember which ones are using the new set and which ones are using the old set. Eventually, you may have to keep track of three different sets of passwords at a time, trying to remember which set you're on for each particular site. At which point you're really no better off than before.

My favorite strategy, when possible, is to let the personalized image "key" that some sites provide, so that you can verify you're really on the right site and not a spoof one, serve as my password reminder. For instance, if I've chosen a fish as my image, I might choose the passphrase AFishCalledWanda (inserting numbers if necessary). But since not all sites provide a pass-image, it doesn't always work. So I just keep a list of reminders that will help me remember my passwords, but hopefully won't work to help a hacker figure them out in the unlikely event that a hacker actually physically breaks into my house to steal the list.

Btw, Heartbleed isn't actually a virus. That is, it's not a malicious piece of software that someone created specifically for hacking purposes. It's more like a bug--a ginormous security hole in OpenSSL that's only recently been discovered. It's fixed now, but now all the software companies and sites that use OpenSSL have to deploy the fixed version. I'm planning to change my passwords *after* that happens, since there's no point putting a new password on a site that still isn't secure. http://heartbleed.com/

April 16, 2014 8:28 AM

Emily Guy Birken said:

@Haverwench, thank you for clarifying the difference between a bug and a virus. I was unaware that there was a difference, because I plan to have LO and/or BB handle all of my technology issues in a few short years.

I actually don't have any sites that require me to change my passwords regularly, although I certainly know that they exist. Unfortunately, there's no great solution to the password problem. Everything is a patchwork between finding something memorable and difficult to crack.

April 16, 2014 11:50 AM

Leave a Comment:

You must be logged in to leave a comment. Log in here.

If you do not have a log in, please register here. It's easy and quick. All that is required is your email address and a sign-in name and password that you create. Your email address is kept private.

The Dollar Stretcher has a new community! Click here to check it out and create your new account.

Share this Post

This Blog


About Us    Privacy Policy    Writers' Guidelines     Sponsorship     Media    Contact Us

Powered by Community Server (Commercial Edition), by Telligent Systems