Friday, 23 May 2014

EndNote Online security recommendation

The publishers of EndNote referencing software have notified us that JCU staff and students with EndNote Online (formerly EndNote Web) accounts should change their passwords. Part of their explanatory message is shown below, but the main points are:
  1. This refers only to EndNote Online, not to the desktop version of EndNote 
  2. If you have registered with Web of Science and other products that share a password with EndNote Online, you only need one password change.
“Thomson Reuters is aware of the widely reported ‘Heartbleed’ vulnerability impacting certain versions of the OpenSSL web encryption program …. While there is no evidence that any customer information has been compromised, we suggest changing your password for EndNote Online as a precautionary measure. Please note: If you are also a subscriber to Thomson Innovation, Cortellis, ResearcherID, Web of Science or InCites, which have a shared password with EndNote, then this shared password only needs changing once”.

No comments: