Forum adverts like this one are shown to any user who is not logged in. Join us by filling out a tiny 3 field form and you will get your own, free, dakka user account which gives a good range of benefits to you: No adverts like this in the forums anymore. Times and dates in your local timezone. Full tracking of what you have read so you can skip to your first unread post, easily see what has changed since you last logged in, and easily see what is new at a glance. Email notifications for threads you want to watch closely. Being a part of the oldest wargaming community on the net. If you are already a member then feel free to login now.

Without wanting to do anything nasty and find out myself, was Dakka vulnerable to Heartbleed? If so, has it been patched? Should we change our passwords?

I don't believe Dakka supports secure browsing, so there is no SSL or TLS present to be vulnerable.

Huh. You're right. I'd never actually tried to be honest. It's just such a commonplace thing to see nowadays, I expected there to be a https redirect on the login or something at least.

Dakka is unaffected - we have no world-facing SSL or SSH and even the private access SSH is protected by auto-ban-on-fail firewall rules that minimise the potential exposure from bugs like this. We also patched the moment the updated openSSL libraries became available. There is no reason to change your dakka password at the least.

No reason - unless you use the same password on other, vulnerable services. Even then the risk is minimal, but no risk is better than minimal risk imo.