Sunday, 13 April 2014
What is Heartbleed?Here is a link that should help explain what the Heartbleed bug is:
Are my users affected?Any service or website that is connected to the internet and uses SSL encryption is potentially vulnerable to the Heartbleed bug.
Did you fix the issue?Yes, upon receiving the news that Heartbleed existed and a patch was made available, we immediately patched our services to remediate any potential vulnerability. We also re-issued our SSL certificates.
If it's been patched, then why should I change passwords?While we have applied the patch earlier this week, there is still a potential that your password could have been previously exposed and extorted as it passed through the internet via the encrypted SSL tunnel. Again, we have no confirmed reports of suspicious activity or hijacked passwords, but in the spirit of security we strongly urge users to proactively update their passwords. We urge you to do your diligence and change any online passwords you may have and confirm with your other providers (hosting, banking, social media, etc) that their SSL protocols have been patched.
Will you force a password change?Since we have no confirmed compromise and do not assume there was any with the Heartbleed bug, we are simply notifying our customers and strongly urging them to change their passwords.
Can you setup a policy to force users to change passwords on next login?Unfortunately, we cannot provide this service at this time.
Is there a way to mass change passwords?
- Administrators can change passwords
on individual mailboxes via the control panel at admin.thexyz.com.
- Email users can change their own passwords via the Webmail portal at webmail.thexyz.com.
How can I send a message to
email all of my users?
You can send an email to everyone on your domain.
To email everyone, log into the control panel, and
perform the following steps:
- Mouse over the Go to section drop-down menu and select Domains.
- In the Tools section, click the Email Everyone link.
- If you have multiple domains, select the appropriate domain name. Or, to change domains at any time, click the change domain link.
- Click the Email Everyone link.
- Click the Send button.
I have changed passwords for my users and now they are reporting various password issues, what happened?
- Check to see if that mailbox is currently locked by looking in the Control Panel for that specific user mailbox.
- Check what devices they're using to connect to their HEX mailbox! PC at work, iMac at home, work-issued iPhone, personal iPad, etc. Why? If they're Exchange account is set up on any of these devices AND they updated the password recently, they're going to need to update all of their devices for that new password. Meaning, any one of these could be locking out the mailbox.
- Unlock the mailbox through the Control Panel. Once it shows that it's no longer locked using the aforementioned tools, have your user log into Outlook Web App (webmail.thexy.com) to verify that they are, in fact, using the correct password.
- Clear out remembered passwords.
Particularly on Windows or Macs, we see issues with the
Credential Manager (Windows) or Keychain Access (Mac)
remembering the "old" password.
- Once this is cleared out, have them open their email client again. Since you just had them clear the Credential Manager for this account, they should be prompted for the email address and password again.
- Have them re-enter that information correctly. It would be safe for them to "remember" the password. This, in turn, will create a new entry in the credential manager.
Recently, there has been a trend towards a more secure, SSL-protected online environment initiated by authorities like Google when they ...
You can download the app free of charge from Google Play or Apple App Store. The app has recently been updated as Tapatalk celebrates its...
We tested a bunch of FTP clients for iOS devices and found these to be the best. Most of them cost between $1 to $5 but we found the small p...
We have secured great discounts on domains for the rest of month. Mar ch Domains Discounts Enjoy unbelievable discounts on your p...
With Thexyz Webmail you have the choice of using your own domain or one of our domains. Using your own domain offers more features and ben...
- ► 2016 (23)
- ► 2015 (34)
- Setting up an ActiveSync email account with BlackB...
- Setup Outlook 2013 With MobileSync
- Questions and Answers On Heartbleed
- How To Create A Secure Password
- Heartbleed Issue Prompts SSL Update
- Brute Force Attacks On WordPress Users
- Improving a website's speed: A Q&A with our web de...
- Thexyz Goes Open Source With OwnCloud
- ▼ April 2014 (8)
- ► 2013 (41)
- ► 2012 (43)
- ► 2011 (69)
- ► 2010 (52)
- ► 2009 (11)