Like many of you,we've been following the story of the Heartbleed OpenSSL vulnerability closely. Because we have an online business, the issue of online security is near and dear to our heart. We regularly monitor our site for vulnerabilities, and have confirmed that our site is secure, and is NOT affected by the Heartbleed vulnerability that has affected so many sites on the web.

How To Check Sites for Vulnerability

Below are two resources you can use to check sites you use:

• http://filippo.io/Heartbleed/ (see the San Jose Mercury News article here)
• https://www.ssllabs.com/ssltest/index.html

Managing Your Passwords

If you find that there are sites you use that ARE affected by the Heartbleed vulnerability, you should change your password on that site, but only after the vulnerability has been fixed. In addition, this would be a good time to get in the habit of using different, complex passwords for all the different sites you use. I know, I know -- that's a password management nightmare! The good news is, there are a number of tools that make managing passwords simple. A couple popular one are:

• 1Password (https://agilebits.com/onepassword)
  
• LastPass (https://lastpass.com/)

These password managers are easy to use and have free and low-cost options. Also, LastPass has a feature that will check your secured passwords to see which sites that you use currently are vulnerable. We strongly encourage you to check them out. We use LastPass ourselves, and couldn't live without it!

You can learn more about password managers and Heartbleed here.