TeqGo.com
No Result
View All Result
No Result
View All Result
TeqGo.com
No Result
View All Result
Home Computer

LastPass Data Breach: It’s Time to Ditch This Password Manager

Staff by Staff
December 28, 2022
in Computer
0
LastPass Data Breach: It's Time to Ditch This Password Manager
467
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter


This means that LastPass users should go through their vaults and take extra steps to protect themselves—including changing all of their passwords. 

Start by turning on two-factor authentication for as many of your accounts as possible, particularly high-value accounts like your email, financial services, and highly used social media accounts. This way, even if attackers compromise the passwords for the accounts, they can’t actually log in without the one-time code or hardware authentication key you’ve added as the “second factor.” Next, change the passwords for all of those sensitive and high-value accounts. And then change all the remaining passwords stored in your LastPass vault.

As you’re doing all of this (or at least as much of it as you can), the time is ripe to switch to a new password manager. You can add accounts to the new service as you change them. WIRED recommends 1Password and the free service Bitwarden along with some alternatives. We haven’t recommended LastPass since the company scaled back its free offerings a couple of years ago, given that LastPass had suffered an array of past security incidents before this latest, most dire breach was even revealed.

“One hundred percent, yes, people should switch to other password managers,” says one senior security engineer, who asked not to be named because of professional relationships with people on the LastPass security team. “They failed to do the one thing they are supposed to provide—cloud-based secure credential storage.”

Security practitioners universally emphasize that the situation with LastPass shouldn’t deter people from using password managers in general. And if you’re a loyal LastPass user, you should still change your vault password, turn on two factor for every account that offers it, and change all the passwords in your vault even if you don’t migrate somewhere else in the process.

“As someone with experience handling and communicating EU data breach notifications, I’d say that LastPass’s chosen communication strategy may undermine user confidence,” says Lukasz Olejnik, an independent privacy researcher and consultant. “The big issue is also the timing. Why do it just prior to the end of year holidays when the initial investigation began months ago?”

As Jeremi Gosney, a longtime password cracker and senior principal engineer of the Yahoo security team, wrote this week in an extensive series of posts about the situation: “I used to support LastPass. I recommended it for years and defended it publicly in the media … But things change.”



Source link

Tags: hackingpasswordssecurityvulnerabilities
Previous Post

IoT Benefits and Implementation For Business

Next Post

Lobbyists have held up nation’s first right-to-repair bill in New York

Next Post
Lobbyists have held up nation’s first right-to-repair bill in New York

Lobbyists have held up nation’s first right-to-repair bill in New York

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

Hacker group incorporates DNS hijacking into its malicious website campaign

Hacker group incorporates DNS hijacking into its malicious website campaign

January 22, 2023

Can you eat the octopus head?

August 23, 2022

Trending.

What happened to Andrew Humphrey on Channel 4 weather?

August 24, 2022

Who is the new weather man on Channel 4 Detroit?

August 24, 2022

Why is Ben Bailey leaving WDIV?

August 24, 2022

What is a 100000 year period called?

August 23, 2022

Who recently left WDIV?

August 24, 2022
  • About us
  • Contact Us
  • Home
  • Privacy Policy and Disclaimer

© 2021-2023 Teqgo.com

No Result
View All Result
  • About us
  • Contact Us
  • Home
  • Privacy Policy and Disclaimer

© 2021-2023 Teqgo.com