This isn’t anything new by now. Heartbleed has been around for a few weeks at this point. From what I understand, this had been a zero-day vulnerability for a while, exploited by folks like the NSA.

But this isn’t a rant about that.

This is about changing passwords.

Lots of them.

One good thing that’s coming out of this is that I’m getting a lot more cognizant of my password usage.

Like most people, I started using the same password on a lot of sites when the internet was new. I had three different passwords mainly — my low, normal, and high security password. These were, unfortunately, spread far and wide.

Now I’m going through and auditing 600+ passwords that LastPass is storing for me. Some of them are defunct. Some of them are already good. Some are in the long list of passwords that are the same over a bunch of sites.


I can say that my LastPass master password was my high-security password. Now I have a new one of that too. This password was then generated by pwqgen which, in turn, was inspired by XKCD. *

Back to changing passwords.

* – No, it’s not “correct horse battery staple”.