Batu69 Posted June 16, 2015 Share Posted June 16, 2015 Bad news first, folks. LastPass, our favorite password manager (and yours) has been hacked. It’s time to change your master password. The good news is, the passwords you have saved for other sites should be safe.The Intermediate Guide to Mastering Passwords with LastPass LastPass is easy, secure, and works across systems and browsers—it's our favorite password… Read more LastPass has announced on their company blog that they detected an intrusion to their servers. While encrypted user data (read: your stored passwords for other sites) was not stolen, the intruders did take LastPass account email addresses, password reminders, server per user salts, and authentication hashes. The latter is what’s used to tell LastPass that you have permission to access your account.According to LastPass, the authentication hashes should be sufficiently encrypted to prevent anyone from using them to access your account. However, the company is still prompting all users to update their master password that they use to log in to their LastPass account. If you use LastPass, you should do this immediately. If you share that master password with any other services, you should change it there, too. Finally, if you haven’t enabled two-factor authentication you should do that immediately here.Here's Everywhere You Should Enable Two-Factor Authentication Right Now Two-factor authentication is one of the best things you can do to make sure your accounts… Read more We’ve talked about what happens if LastPass gets hacked before. As it stands, it doesn’t seem that this hack resulted in any significant data losses for users. However, it’s still important to take steps necessary to protect your account as soon as you can.Note: It sounds like LastPass’ servers are getting hammered right now, so if your password change doesn’t go through, check back frequently through the day until it does.LastPass Security Notice | LastPasslifehacker.com Link to comment Share on other sites More sharing options...
OrbingStorm Posted June 16, 2015 Share Posted June 16, 2015 Im glad you told me because I never recieved an email from Lasspass letting me know. :angry: Link to comment Share on other sites More sharing options...
mona Posted June 16, 2015 Share Posted June 16, 2015 Done. :showoff:Thanks Batu for your heads up ! BTWYou gonna find LastPass multifactor authentication options here. Link to comment Share on other sites More sharing options...
provision Posted June 16, 2015 Share Posted June 16, 2015 I changed my password two days ago... and now again :) Link to comment Share on other sites More sharing options...
kingviking Posted June 16, 2015 Share Posted June 16, 2015 changed B) Link to comment Share on other sites More sharing options...
Arachnoid Posted June 16, 2015 Share Posted June 16, 2015 LastPass has announced on their company blog that they detected an intrusion to their servers. While encrypted user data (read: your stored passwords for other sites) was not stolen, the intruders did take LastPass account email addresses, password reminders, server per user salts, and authentication hashes. The latter is what’s used to tell LastPass that you have permission to access your account.According to LastPass, the authentication hashes should be sufficiently encrypted to prevent anyone from using them to access your account. However, the company is still prompting all users to update their master password that they use to log in to their LastPass account. If you use LastPass, you should do this immediately. If you share that master password with any other services, you should change it there, too. Finally, if you haven’t enabled two-factor authentication you should do that immediately here.Alternatly they could have compromissed the server with software that reads all the newly created passwords and steals the relavent salted files once more. Link to comment Share on other sites More sharing options...
Ponting Posted June 16, 2015 Share Posted June 16, 2015 Useful info :think: https://www.reddit.com/r/Android/comments/39y6eh/psa_lastpass_was_breached_master_password_hashes/cs7o3k7 Link to comment Share on other sites More sharing options...
dcs18 Posted June 16, 2015 Share Posted June 16, 2015 Just one of the many reasons why I dumped this LastPass. Link to comment Share on other sites More sharing options...
kantry123 Posted June 16, 2015 Share Posted June 16, 2015 Just one of the many reasons why I dumped this LastPass.whats ur alternative now ?regards Link to comment Share on other sites More sharing options...
dcs18 Posted June 16, 2015 Share Posted June 16, 2015 Just one of the many reasons why I dumped this LastPass.whats ur alternative now ?regardsRoboForm . . . . . . . . . . . . . simply awesome! :wub: Link to comment Share on other sites More sharing options...
Havokdan Posted June 16, 2015 Share Posted June 16, 2015 I use Keepass too, but i receive email today, morning Link to comment Share on other sites More sharing options...
psyko666 Posted June 16, 2015 Share Posted June 16, 2015 ehm.. I wonder if it's safe in the future to use LastPass, just a matter of time till all your stuff is on the open IMO.. Link to comment Share on other sites More sharing options...
Roger D Posted June 16, 2015 Share Posted June 16, 2015 Just one of the many reasons why I dumped this LastPass.whats ur alternative now ?regardsRoboForm . . . . . . . . . . . . . simply awesome! :wub:Is there any free version like Lastpass ? :rolleyes: Link to comment Share on other sites More sharing options...
dcs18 Posted June 16, 2015 Share Posted June 16, 2015 Just one of the many reasons why I dumped this LastPass.whats ur alternative now ?regardsRoboForm . . . . . . . . . . . . . simply awesome! :wub:Is there any free version like Lastpass ? :rolleyes:I am using one from a RoboForm Giveaway, myself. ^_^ Link to comment Share on other sites More sharing options...
Chatman Posted June 16, 2015 Share Posted June 16, 2015 There is no software which can't be cracked. The more bullet-proof guarantees, the more chances that someone will want to break it. Link to comment Share on other sites More sharing options...
Zex Posted June 16, 2015 Share Posted June 16, 2015 Keepass is the best. Free and extensible with plugins.Dumped buggy Roboform for it. Link to comment Share on other sites More sharing options...
kantry123 Posted June 16, 2015 Share Posted June 16, 2015 Just one of the many reasons why I dumped this LastPass.whats ur alternative now ?regardsRoboForm . . . . . . . . . . . . . simply awesome! :wub:Is there any free version like Lastpass ? :rolleyes:lastpass browser extension is freewe all use the brow extnregards Link to comment Share on other sites More sharing options...
steven36 Posted June 16, 2015 Share Posted June 16, 2015 There is no software which can't be cracked. The more bullet-proof guarantees, the more chances that someone will want to break it.If it can be cracked it can be hacked that's for sure :lol: I put my passwords in the old way . Always have. I just keep them in a safe place . Link to comment Share on other sites More sharing options...
psyko666 Posted June 16, 2015 Share Posted June 16, 2015 I'm not a genius in these things... but guys... should I remove/delete my LastPass account or not?I mean.. is it still safe to use? Link to comment Share on other sites More sharing options...
user@nsaneforums Posted June 16, 2015 Share Posted June 16, 2015 Just one of the many reasons why I dumped this LastPass.whats ur alternative now ?regardsRoboForm . . . . . . . . . . . . . simply awesome! :wub:till get hacked :P Link to comment Share on other sites More sharing options...
dcs18 Posted June 16, 2015 Share Posted June 16, 2015 Just one of the many reasons why I dumped this LastPass.whats ur alternative now ?regardsRoboForm . . . . . . . . . . . . . simply awesome! :wub:till get hacked :PYou mean "history repeats itself" . . . . . . . . . . . like it always has - for LastPass. :tehe: Link to comment Share on other sites More sharing options...
psyko666 Posted June 16, 2015 Share Posted June 16, 2015 https://xkcd.com/936/ Link to comment Share on other sites More sharing options...
steven36 Posted June 16, 2015 Share Posted June 16, 2015 till get hacked :PHackers stole every single Federal government workers SSN and info in the USA . Do you think some cheap software can protect you when Governments with all the money they need at there disposal can't even protect themselves ? ;) Link to comment Share on other sites More sharing options...
psyko666 Posted June 16, 2015 Share Posted June 16, 2015 https://xkcd.com/936/Except even then, if they go through all that time, effort, and computing power, if you take 5 seconds change your password now, the result they end up with (at whatever point in the future weeks, months or even years from now) will be absolutely f'ing useless, because they'll excitedly run over to lastpass.com, enter in this cracked password, and find it to be invalid, all because you were smart, calm, level-headed, and you changed your password a long, long time before they got to this point. SourceYou mean just the master password? Link to comment Share on other sites More sharing options...
steven36 Posted June 16, 2015 Share Posted June 16, 2015 You just have change your master password but thing is if they keep getting hacked maybe one day you will be in that number they get before they fix it .But that basic premise—you memorize one password to access all of your passwords—when you think about it does sound like an idiot move. Eggs, basket, etc.—if someone breaks into the application, they’ll have access to your passwords for everything you do. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.