Urgent security update

support:

Bad news: A major vulnerability has been disclosed for the technology that powers encryption across the majority of the internet. That includes Tumblr. Our team took immediate action to fix the issue, but you should still take some time to change your password, not only here but on any other sites you visit. 

You should also strongly consider enabling two-factor authentication. It’ll go a long way to ensure that no one besides you can access your account. Thanks, and take care.

if it’s a site you would log into without checking whether you’re on http or https, especially on public wifi, there’s not much point in changing your password

the biggest concern with heartbleed is that someone has been logging your traffic and can now decrypt it. if they could’ve logged your traffic unencrypted in the first place then you’re no worse off now

  1. support posted this