IndieCommerce Stores, Customers Urged to Change Passwords

Printer-friendly versionPrinter-friendly version

The IndieCommerce team has successfully addressed security concerns related to the Heartbleed bug. However, the next step to further secure both IndieCommerce stores and their customers is to effect a password change. 

Through the IndieCommerce Message Center, which is visible to site administrators, store personnel has been asked to change their passwords. However, it is probable that some staff members have not yet seen this message, so administrators are asked to direct them to it. 

Stores should also follow the instructions, available here, in order to place an information block on their site to notify customers that the site is secure and that returning customers should change their site password.

Stores are welcome to develop their own message but the following is offered for an easy copy/paste: 

Dear {store name} customer, 
 

We are pleased to report that our website is secured against the Heartbleed bug. As an added precaution we ask that returning customers change their account password at this time. Please simply log in to your account and change your password.
 

 Thank you for your continued support!

As always, questions should be addressed to staff@bookweb.org or (800) 637-0037, exts. 7554 or 7543.