- #LASTPASS DATA BREACH REDDIT HOW TO#
- #LASTPASS DATA BREACH REDDIT UPDATE#
- #LASTPASS DATA BREACH REDDIT TRIAL#
- #LASTPASS DATA BREACH REDDIT PASSWORD#
This is a password management app, not a weather app.
#LASTPASS DATA BREACH REDDIT UPDATE#
I was pleased with a few and found them more user friendly and intuitive with their form filling and password filling ability.
#LASTPASS DATA BREACH REDDIT TRIAL#
Second reason was if I had to change hundreds of passwords after being with LastPass for well over 10years, I figure I might as well trial other providers anyway. I think though I was annoyed that they failed at their 1 and only job which was securely keeping peoples passwords.
Sometimes you have to fail to learn a hard lesson right? My train of thought was maybe they will learn from this breach and that a breach could make them actually more secure than their competitors.
So, yes, both due to more stringent security requirements and higher ethical standards available at other password managers, I do think data is more secure elsewhere than with LP.įair question and along the same lines as the question I asked on this very same sub a couple of months ago. Given that, why would I trust them with my most sensitive information? They have not been forthright about the breach, have been slow with offering details when they do offer them, have offered no remediation and (see point above) are instead attempting to blame the user if the vault gets cracked. LP, through their complete lack of transparency throughout this whole ordeal, has demonstrated to me that they are a company I cannot trust. In addition to making all of these vaults that much easier to crack, that’s a hell of a way to treat your long-standing customers. Some older customers found that they were still at 500 iterations or even lower. If you haven’t already checked, check the iterations on your account – I’ve been a paying customer for seven years and my account was still left at 5000 iterations.
#LASTPASS DATA BREACH REDDIT HOW TO#
However, they never publicized the default or how to change the iterations to whatever LP’s current default was and, worse, represented that they had automatically upgraded the iterations on every account as security standards increased but did not actually do so. LP says that you should be safe IF your iteration count was set at LP’s “default” of over 100,000 iterations - if your current iteration count was less and your vault got cracked, well, they made it clear that this would be the customer’s fault. There was absolutely no good reason for LP to store this unencrypted were out in the open meaning that anyone who got the vault now knows to target you with phishing campaigns that are much more credible because they are coming specifically from the sites and accounts that you visit and reference specific details about you. Sure, maybe your passwords were still encrypted but all the information about sites you visited, such as the URL, etc. LP had certain very sensitive data that wasn’t even encrypted in the vault that was taken. The reasons included:ġPassword has an extra layer of security between the vault and your password which, as has been noted, means that simply sealing the vault – even if they have your password, does not permit people to access the vault. Last month I moved to 1Password and changed all my passwords. Like you, I was with LP for at least seven years as a paid Premium member.
0 kommentar(er)
