![]() ![]() We strongly recommend that you take the time and switch to a competitor if you haven’t already. In 2021, some users got another scare when they noticed blocked logins from other locations in the world, though these notices were either sent in error or because users re-used their master passwords on other services. A third-party service was affected at that time. The company experienced another breach using data obtained in the same attack last month. In some countries, protecting these details is a matter of life and death, or at least freedom and imprisonment. Bad actors can use this information to get a detailed profile of someone's online life, including potential insight into sexual preferences if someone has their dating app password saved. ![]() Palant also isn't happy about LastPass claiming that URLs are not sensitive information. Older accounts enjoy even less protection than that. On top of that, LastPass only uses minimum cryptographic protections meant to thwart brute-force attacks, which makes it likely that most of the leaked vaults could be opened much faster than the millions of years claimed by LastPass. In a detailed blog post, the researcher makes clear that LastPass never enforced its newer 12-character master password requirement for legacy users. Security researcher and AdBlock Plus creator Wladimir Palant cautions LastPass users that their data might be much less secure than what the company wants to make them believe. It also doesn’t help that LastPass’s blog post doesn’t cut to the point straight away, going on about the history of the attack in the first few paragraphs rather than saying that vaults have been obtained at the top. Many IT departments in charge of companies' password security might already be on vacation, and private users could be more concerned about visiting family than their passwords. The revelation that LastPass vaults were obtained by hackers came at an inconvenient time, with the company releasing details just a few days before Christmas.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |