IT Security Guru: Users are being encouraged to change their passwords because of the OpenSSL flaw, but there is no guarantee that sites have been patched.
Speaking to IT Security Guru, Thom Langford, director of the global security office at Sapient, said that advice to change passwords was “utterly pointless” and a knee jerk reaction to advise changing passwords on a compromised system as then the new password could be intercepted.