As you all, know on April 7 the OpenSSL project issued an advisory (of which NSA has apparently been aware of for 2 years). We deployed the updated OpenSSL libraries on Tuesday at 7am EST and renewed all of our SSL certificates.

We take security very seriously (take a look at the newly launched Security page where you can see if anyone has accessed your SaneBox account), but you should too. Follow these steps to bump up the security on your email account.

1) Enable 2-factor authentication for every site that offers it (http://twofactorauth.org/)

2) Use unique and random passwords for all your services via 1Password or LastPass

3) Have a long and difficult to guess but easy to remember password for 1Password or LastPass.  Think of a phrase or refrain from a song.  “Billy Jean is not my lover, she’s just a girl who claims that i am the one” becomes bjinmlsjagwctiat1 – a 17 character password that’s impossible to break but you already remember it. But it’s critical that you never use the same password for multiple services – so if one of them is compromised, others are safe!