https://community.ruckuswireless.com/t5/ZoneDirector/Please-change-your-passwords-for-ruckuswireless-com-websites/m-p/30898#M5871 A major vulnerability, known as “Heartbleed,” has been disclosed for the technology that powers secure web (HTTPS/SSL) across the majority of the internet. That includes any of our servers which require a login, such as <STRONG><A href="https://support.ruckuswireless.com" rel="nofollow">https://support.ruckuswireless.com</A> and <A href="https://partners.ruckuswireless.com" rel="nofollow">https://partners.ruckuswireless.com</A></STRONG>. <BR /><BR /> We have patched all of our public web servers for the so-called "Heartbleed" SSL vulnerability (best explained here.. <A href="http://xkcd.com/1354/" rel="nofollow">http://xkcd.com/1354/</A> ) and we have also re-issued the certificates for those servers and so it is time to change your password. <BR /><BR /> We have no knowledge of any compromise to our servers, and like most sites, took immediate steps to protect our servers and your information. However, this vulnerability is very difficult to detect. <BR /><BR /> [If you have an account created after midnight PDT 4/15/2014 or changed your password since then you do not need to change your password. <STRONG>Only <A href="https://support.ruckuswireless.com" rel="nofollow">https://support.ruckuswireless.com</A> and <A href="https://partners.ruckuswireless.com" rel="nofollow">https://partners.ruckuswireless.com</A> websites need their password changed</STRONG>] <BR /><BR /> <A href="https://support.ruckuswireless.com/forgot_password" rel="nofollow">Our Password Reset Tool</A> requires that you have access to the email account which is associated to your account. If you no longer have that access, please email <A href="mailto:cservice@ruckuswireless.com" rel="nofollow">cservice@ruckuswireless.com</A> with details. Also check to make sure that email sourced from our domain is not blocked or spam-filtered. <BR /><BR /> We apologize for the inconvenience! As you probably know, you will need to do this across all your <STRONG>affected</STRONG> internet accounts <STRONG>after they are announced as patched and secured </STRONG> so Ruckus strongly recommends you adopt the use of a password manager tool (including free/open source apps such as KeyPass) which can help you not only keep track of all the changes, but also help to generate strong passwords without the inconvenience of having to memorize them all). <BR /><BR /> [amended; not all sites are impacted] Tue, 15 Apr 2014 17:43:18 GMT keith_redfield 2014-04-15T17:43:18Z https://community.ruckuswireless.com/t5/ZoneDirector/Please-change-your-passwords-for-ruckuswireless-com-websites/m-p/30898#M5871 A major vulnerability, known as “Heartbleed,” has been disclosed for the technology that powers secure web (HTTPS/SSL) across the majority of the internet. That includes any of our servers which require a login, such as <STRONG><A href="https://support.ruckuswireless.com" rel="nofollow">https://support.ruckuswireless.com</A> and <A href="https://partners.ruckuswireless.com" rel="nofollow">https://partners.ruckuswireless.com</A></STRONG>. <BR /><BR /> We have patched all of our public web servers for the so-called "Heartbleed" SSL vulnerability (best explained here.. <A href="http://xkcd.com/1354/" rel="nofollow">http://xkcd.com/1354/</A> ) and we have also re-issued the certificates for those servers and so it is time to change your password. <BR /><BR /> We have no knowledge of any compromise to our servers, and like most sites, took immediate steps to protect our servers and your information. However, this vulnerability is very difficult to detect. <BR /><BR /> [If you have an account created after midnight PDT 4/15/2014 or changed your password since then you do not need to change your password. <STRONG>Only <A href="https://support.ruckuswireless.com" rel="nofollow">https://support.ruckuswireless.com</A> and <A href="https://partners.ruckuswireless.com" rel="nofollow">https://partners.ruckuswireless.com</A> websites need their password changed</STRONG>] <BR /><BR /> <A href="https://support.ruckuswireless.com/forgot_password" rel="nofollow">Our Password Reset Tool</A> requires that you have access to the email account which is associated to your account. If you no longer have that access, please email <A href="mailto:cservice@ruckuswireless.com" rel="nofollow">cservice@ruckuswireless.com</A> with details. Also check to make sure that email sourced from our domain is not blocked or spam-filtered. <BR /><BR /> We apologize for the inconvenience! As you probably know, you will need to do this across all your <STRONG>affected</STRONG> internet accounts <STRONG>after they are announced as patched and secured </STRONG> so Ruckus strongly recommends you adopt the use of a password manager tool (including free/open source apps such as KeyPass) which can help you not only keep track of all the changes, but also help to generate strong passwords without the inconvenience of having to memorize them all). <BR /><BR /> [amended; not all sites are impacted] Tue, 15 Apr 2014 17:43:18 GMT https://community.ruckuswireless.com/t5/ZoneDirector/Please-change-your-passwords-for-ruckuswireless-com-websites/m-p/30898#M5871 keith_redfield 2014-04-15T17:43:18Z https://community.ruckuswireless.com/t5/ZoneDirector/Please-change-your-passwords-for-ruckuswireless-com-websites/m-p/30899#M5872 So your saying change password is "best practice" but no need to worry. Precautionary. <BR /> Done. <BR /> Thanks for info. <BR /><BR /> Only site so far that has directly told me to do this so I take that as a positive (for Ruckus). Wed, 16 Apr 2014 12:25:30 GMT https://community.ruckuswireless.com/t5/ZoneDirector/Please-change-your-passwords-for-ruckuswireless-com-websites/m-p/30899#M5872 max_o_driscoll 2014-04-16T12:25:30Z