By: Tom Manning - June 15, 2015
If you use LastPass, it is time to change your master password. Lastpass noticed some unusual activity on its network last Friday. The team was able to block the attack, but some data was compromised. LastPass says account email addresses, password reminders, server per user salts, and authentication hashes were compromised. The company points out however, that encrypted user vault data was NOT taken, and no t LastPass user accounts were accessed.
LastPass is taking steps to make sure every user is protected.
Nonetheless, we are taking additional measures to ensure that your data remains secure, and users will be notified via email. We are requiring that all users who are logging in from a new device or IP address first verify their account by email, unless you have multifactor authentication enabled. As an added precaution, we will also be prompting users to update their master password.
The company is notifying users that it maybe time to change their master password.
This is not the first time LastPass has detected suspicious activity on its network, and I'm sure it will not be the last. The LastPass architecture seems to be very secure however, and I still trust it for my passwords with a caveat. I never store bank information in LastPass. Source
blog comments powered by Disqus
Mobile Home | Desktop View | Forums |
Android | BlackBerry | iPhone
Palm | Windows | All
Copyright © 2002-2015 - Small Computing Group, LLC