Heartbleed, Just Another Reason to Enable Two-Step Verification

Apr 10, 2014 Michael Wurzer

You may have heard in the press about a vulnerability in OpenSSL called Heartbleed. OpenSSL is software used by two-thirds of the sites on the internet to encrypt traffic for secure communications. FBS also uses OpenSSL to encrypt HTTPS transmissions to and from the Flexmls system.

FBS patched our servers on the morning that Heartbleed became public and are no longer vulnerable. To confirm the status of Flexmls and Heartbleed, visit http://filippo.io/Heartbleed/#www.flexmls.com:443.

We have no reason to believe any data was compromised. Out of an abundance of caution, we also have replaced our SSL certificates with new ones. We also strongly encourage users to change their passwords and, for members in MLSs with two-step verification enabled, please turn it on for your account by clicking on Security under the Preferences menu in Flexmls Web. Two-step verification has the dual benefit of making your account more secure and also allowing you to access Flexmls with multiple devices simultaneously.