Changes between Version 3 and Version 4 of HeartbleedAdminEmail


Ignore:
Timestamp:
04/14/14 08:58:21 (3 years ago)
Author:
ed
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • HeartbleedAdminEmail

    v3 v4  
    11Draft for edit: 
    22 
    3 Subject: Your old password no longer works, please create a new one. 
     3**NB this is not going out until we have discussed this thoroughly and we are absolutely clear that the very significant risk of resetting the passwords is worth it. Ed is not convinced** 
     4 
     5Subject: Transition Network update: Password changes: please read, you need to take action 
    46 
    57Hi all 
    68 
    7 A major vulnerability in the technology that powers encryption across much of the internet was discovered last week. Like many other teams, we took immediate action to patch the vulnerability in our site. 
     9A major vulnerability in the technology that powers encryption across much of the internet was discovered last week (The Heartbleed bug). We took immediate action to patch the vulnerability on Transitionnetwork.org and we are safe.  
    810 
    9 www.transitionnetwork.org is no longer vulnerable. 
     11We have no evidence of malicious activity. However we have taken the extra precaution of changing your password, so your old password will no longer work. You will get a separate email from the website that allows you to reset your password. You will need to do so before you can access the site. 
    1012 
    11 Though we have no evidence of malicious behaviour, we've taken the extra precaution of changing your password, so your old password will no longer work. You will get a separate email from the website that allows you to reset your password and you will need to do so before you can access the site. 
     13If you have any questions or concerns, please email websupport@transitionnetwork.org. 
    1214 
    13 Please make sure you use a good password. More about that here: http://imgs.xkcd.com/comics/password_strength.png 
     15For more information on this vulnerability, also known as "Heartbleed," visit: 
     16 
     17Ed's Blog: https://www.transitionnetwork.org/blogs/ed-mitchell/2014-04/heartbleed-security-issue  
     18XKCD's slightly geeky version: http://imgs.xkcd.com/comics/heartbleed_explanation.png 
     19XKCD's cartoon about password strength: http://imgs.xkcd.com/comics/password_strength.png 
    1420 
    1521It might be a good moment to investigate using a password manager such as http://keepass.info/ which takes the pain out of remembering passwords. 
    16  
    17 If you have any questions or concerns, please email webproject@transitionnetwork.org. 
    18  
    19 For more information on this vulnerability, also known as "Heartbleed," visit Ed's Blog: https://www.transitionnetwork.org/blogs/ed-mitchell/2014-04/heartbleed-security-issue  
    20 Or for the simple but slightly geeky version: http://imgs.xkcd.com/comics/heartbleed_explanation.png 
    2122 
    2223Kind regards