Blame Heartbleed: HealthCare.gov requires users to change their passwords

It's been a tough go for HealthCare.gov users. Now you can add "Heartbleed" to the list of concerns surrounding the site.

If you have an account with HealthCare.gov, you can expect to change your password the next time you log in. And you can thank Heartbleed for it.

According to the website, all HeathCare.gov users will be prompted to change their passwords the next time they log into the site. According to the site, "HealthCare.gov uses many layers of protections to secure your information," and there's no sign that any Healthcare.gov user information has been compromised, so this is mainly a precautionary measure.

The Associated Press notes that the US Government is reviewing al of its sites to see if they're vulnerable to the Heartbleed bug, so it's possible that users of other government sites may have to change their passwords in the not-too-distant future.

HealthCare.gov recommends using a password that's unique to your Healthcare.gov account. Some password managers, such as 1Password, can generate and store unique passwords that you don't need to memorize.

But you don't need a password manager to devise stronger passwords: There are some tricks you can employ to create strong passwords that you can actually remember. See Alex Wawro's guide to creating stronger passwords without losing your mind for one approach. And visit HealthCare.gov for more on that site's mandatory password change requirement.

Tags securityHealthcare.govHeartbleed

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

AVG Internet Security 2011 Business Edition

Ultimate protection for your small or medium-sized business

Latest Jobs
Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.