QUICK NEWS

{NEW} - The Slide tab mod has been re-installed and a new video is on the tab.

{OLD} -A new tutorial for Github is ready for your veiwing in the articles section.

Video of the week


Internal Links

SMF Sites

Quick Info

LastPass master passwords compromised

Started by lesmond, Dec 30, 2021, 07:04 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

lesmond

QuoteNews broke yesterday that many LastPass users were reporting their master passwords being compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations. LastPass apparently indicated it's credential stuffing related to fairly common bot-related activity using data obtained from third-party breaches. However, users receiving these warnings have stated that their passwords are unique to LastPass and not used elsewhere, and some have even changed their master passwords only to receive another alert. Others have reported issues trying to delete or disable their accounts. An obvious recommendation is that all LastPass users should enable multi-factor authentication immediately if they haven't already. Are you affected?

Source

The only person who got all his work done by Friday was Robinson Crusoe

Neša

I think the time when passwords alone could secure information is long gone. I've never used LastPass I do like that they did bring awareness that you shouldn't use one password for all sites.

I use KeePass I have been meaning to order a YubiKey to secure my password file, if you are really paranoid you could use 3 pieces of information in KeePass. A password, key file (burnt onto read only media), and a challenge response device like YubiKey.
It is a lot of steps but if the cracker ever got your password file they would need all 3 bits of information to open it.

LandyVlad

Scary.
As computers develop and especially with improving AI there will come a time when in the not too distant future, passwords will be entirely ineffective at protecting information, other than from the person sitting in the office next to you.

Biometrics is the only way forward but maintaining the security of that is another HUGE issue!

I use bitwarden FWIW.
I reject your reality, and substitute my own.

Skhilled

I used to use Bitwarden but now I use BitDefender and it's Password Manager.