The Internet is a wonderland full of infinite possibilities for entertainment and communication and, unfortunately, full of endless opportunities for something to go terribly wrong. Because so much of our lives takes place online — homework, conversations, news and games — we have no way of avoiding possible dangers like security breaches. We tend to have an attitude that whatever it is that can go wrong can’t possibly go wrong for us. We think we are above it. But a recent scare is teaching us otherwise.
Known as Heartbleed, this “critical security flaw” has been affecting campus systems as well as other, wider-used information systems. And while you can rest easy knowing that Heartbleed was not found in the CalNet login system or UC Berkeley’s email system, your information may be at risk because of your use of other campus systems and more general websites.
While this sounds like every Internet user’s worst nightmare, you’re just going to have to suck it up and change every password you’ve ever created. Ever. Especially if you use the same password for nearly all of your accounts. And we know you definitely do.
Because Heartbleed allows attackers to steal information and passwords with ease, the best thing to do is to start changing those passwords now.
Start by first resetting your CalNet password to one you have not used on any other website. You can do this by going to calnet.berkeley.edu and clicking on the “links” section. You will then be prompted to enter your current CalNet ID and password and will then be able to create a new one. You should do this again in another few weeks to ensure optimal security. We know it’s annoying, but you should still do it.
Once you have changed your CalNet, the campus is advising you change all other passwords on websites of importance. This may include changing your passwords for Facebook, email and pretty much any other website you have used in your life. We’re not saying you have to, but it might be a good idea to go back and change that Neopets password to something new.
It is important to know that you should not follow random email requests to change your CalNet passphrase because they might be a phishing scam. If you are in doubt, contact [email protected] to get your questions answered. Be sure that you are aware that any request to share your CalNet information via phone or email is not a legitimate request and, as such, should not be accommodated.
Remember, just because a security threat exists online doesn’t mean it is not a real threat. Be cognizant of your online presence and whom you share your information with in order to minimize the risk of a threat to your personal information.
Contact Rachel Feder at [email protected].