Heartbleed, the massive security threat that has recently affected millions of websites, was patched by most large Internet companies and by many site owners, but regular Internet users failed to grasp the significance of the threat, a new Avast study revealed. Furthermore, less than half of those people who knew about Heartbleed failed to take any action once sites fixed the problem.
The online study performed on 268,000 respondents worldwide showed that 75% of people in the study were not aware about the Heartbleed threat. When Avast explained to them what it meant, 90% said they would change their passwords after checking which sites were affected by the security issue. However, only 40% of respondents who were aware of Heartbleed said they actually changed passwords.
The majority of Internet users have not taken action, apparently believing that the security threat has not and cannot affect them.
“This laissez-faire attitude could be caused by the fact that many have not seen concrete repercussions of the threat or have not yet been directly notified of the threat by the platforms they use,” Avast wrote. “One of the most concerning facts revealed by the survey is that many people lack the know-how to protect themselves. One in ten respondents hasn’t changed their passwords because they don’t know how to change them.”
Avast encourages Internet users to change their passwords frequently and use a password manager, such as the avast! EasyPass it sells, to memorize complex passwords that can better safeguard online data.
“Passwords are like keys that protect our sensitive data online, just as locks protect the precious objects in our homes,” Avast said. “It is recommendable to stay away from affected sites that have not yet issued patches. Once sites have implemented the necessary fixes, passwords should be changed and strengthened with the same manner of urgency as you would change the locks on your home if you were to lose your keys or if your key were to get stolen.”
Earlier today, eBay encouraged all its customers to change passwords immediately following a security breach.