By now you would have heard of the heartbleed bug that’s been on the news since Monday. It’s a serious bug in OpenSSL that allows a remote attacker to access information such as user credentials on a secure server. The heartbleed bug has the potential to affect websites and services that use OpenSSL to encrypt and protect sensitive data.

We’re happy to announce that we do not use OpenSSL in our software solution and website. And, we can confirm that ADSelfService Plus is not affected by the heartbleed bug.

If you are using other services and softwares that depend on OpenSSL, please check them by visiting the heartbleed test site.

We take the security of your data very seriously and work hard to improve the protection offered by our solution. This kind of serious security flaws serves as a good reminder to equip your accounts with security features like multi-factor authentication.

ADSelfService Plus employs Security Questions & Answers, Email/SMS based verification codes and Google Authenticator (coming soon) as multi-factor authentication options to secure the password reset/account unlock process. This may not be useful as a defense against the heartbleed bug, but in general this extra step will make the self-service process more secure against future attacks.

As always, please contact our support team via support@adselfserviceplus.com if you have any questions or concerns.

For more information on this bug, visit heartbleed.com.