OngoingWorlds blog

News & articles about play-by-post games, for roleplayers & writers


Heartbleed doesn’t affect OngoingWorlds, don’t panic

A bug. Maybe roleplay monster?Hi everyone, sorry for the potentially boring blog post about web security, so I’m going to make it up to you by telling a joke at the bottom. Some people have asked me today about how vulnerable the OngoingWorlds website is to this Heartbleed SSL bug that has hit the news.

Short answer, you’ll probably be fine.

Long answer, you’re no more at risk than ever really. OngoingWorlds isn’t affected by the bug, but there’s a chance someone could hack another site you’re a member of, and discover your username/password combination. If you’ve used that same combination on OngoingWorlds, someone could login as you. 

This isn’t a new problem though, and could happen at any time. A real security nut will tell you to have a different username/password combination for each site you join. I know that’s not practical (especially if you have a bad memory like me!), but it’s the best way to protect against your accounts getting hacked. So that’s the best recommendation, change your password and keep it unique.

But it’s unlikely this will happen anyway, hackers are normally after credit card details, and we don’t hold anything sensitive like that.

As promised, here’s the joke:

What do you call a psychic midget who has escaped from prison?
A small medium at large.
From: here

I didn’t say it was a very good joke.