It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussion (archive)Heartbleed(12 posts)(12 posts)
(12 posts)
Pages:
1
This is my favourite topic
Posted April 12, 2014
Can a member of the GOG team simply tell us when it is safe to change our passwords.
Posted April 12, 2014
Maybe they [url=http://www.gog.com/forum/general/attention_why_you_shouldnt_buy_a_game_at_the_moment_severe_securityvulnerability/post22]have?
Posted April 12, 2014
This is going to continually happen, GOG needs to send a mass private message top flag all accounts to change there password.
Posted April 12, 2014
avatar
Starkrun: This is going to continually happen, GOG needs to send a mass private message top flag all accounts to change there password.
Or just an e-mail to all customers.
I'm surprised I haven't had a single e-mail about it from any company.
Posted April 12, 2014
It's safe. They've patched their SSL system, issued a new certificate and revoked the old one.
avatar
Starkrun: This is going to continually happen, GOG needs to send a mass private message top flag all accounts to change there password.
avatar
Smannesman: Or just an e-mail to all customers.
I'm surprised I haven't had a single e-mail about it from any company.
I hadn't noticed until you pointed it out, but that's true. No doubt most major sites have been scrambling to block this hole, but nobody's really gone about announcing that they've done so.
Post edited April 12, 2014 by Barefoot_Monkey
Posted April 12, 2014
If you have a question about a site, you should submit it to one of the services that does Web site security analysis, like Qualys SSL Labs: https://www.ssllabs.com/ssltest/

On the other hand, NO, THEY SHOULD NOT BE SENDING OUT E-MAILS. Well-run Web operations do not do this. These would reasonably be taken as phishing attempts by anyone who takes personal computer security seriously.
Post edited April 12, 2014 by cjrgreen
Posted April 12, 2014
avatar
cjrgreen: On the other hand, NO, THEY SHOULD NOT BE SENDING OUT E-MAILS. Well-run Web operations do not do this. These would reasonably be taken as phishing attempts by anyone who takes personal computer security seriously.
I've already had to adjust spam filters and my personal BS Radar... had 1 attempt already for Pinterest, unless there login server is hosted in India :)
Posted April 15, 2014
I have just sent a Support request regarding Heartbleed and instantly received a reply with a ticket number.Can anyone tell me what this is and has this problem been rectified as there is still nothing on the website (at least what I can see).
Posted April 15, 2014
avatar
Marky47: I have just sent a Support request regarding Heartbleed and instantly received a reply with a ticket number.Can anyone tell me what this is and has this problem been rectified as there is still nothing on the website (at least what I can see).
It means that they have received your request, and you should be contacted with a response within a few days.
Posted April 15, 2014
There certs are band new (5 days ago), and the hole is patched feel safe using GOG.com.
But please do change the password :)

https://lastpass.com/heartbleed/?h=gog.com

As shown above the patch was applied so ignore the yellow in link.
Posted April 15, 2014
So do I really need to change all my passwords? Jesus Christ on a Mcdonald's Automac.
Posted April 15, 2014
avatar
Marky47: I have just sent a Support request regarding Heartbleed and instantly received a reply with a ticket number.Can anyone tell me what this is and has this problem been rectified as there is still nothing on the website (at least what I can see).
gog did post about it on the forum: http://www.gog.com/forum/general/important_time_to_change_your_passwords_important/post88
Pages:
1
This is my favourite topic
Community
General discussion (archive)Heartbleed(12 posts)(12 posts)
(12 posts)