Urgent maintenance was performed on April 9 between 2:30 and 4:30 EDT on all Biotics 5 servers to install a security patch against the Heartbleed bug. There is no evidence that our systems were compromised, but as a precaution we advise that all users change their password now that the patch has been applied.

A major, worldwide Internet vulnerability - known as Heartbleed - affected a large portion of all encrypted Internet traffic. Biotics 5 instances were shown to be susceptible to this vulnerability, so NatureServe software engineers tested and deployed a patch, resulting in an outage of 15 minutes or less within the 2-hour maintenance window. Due to the serious nature of this particular threat, we felt it prudent to patch the vulnerability as soon as possible, rather than wait for the regular maintenance window. We apologize for any inconvenience.

I've used Configuration - Users to change User passwords.

But is the biotics_dlink password going to stay the same?

The passwords used to log into your database as biotics_dlink or biotics_report were not exposed by the Heartbleed bug so there is no need to change them right now. We do plan to change these passwords periodically as an extra security precaution but not as a consequence of last week's OpenSSL vulnerability.