LastPass hacked

Discussion in 'other security issues & news' started by Nanobot, Jun 15, 2015.

  1. Nanobot

    Nanobot Registered Member

    Joined:
    Jun 23, 2010
    Posts:
    238
    Location:
    Neo Tokyo
    http://lifehacker.com/lastpass-hacked-time-to-change-your-master-password-1711463571
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,055
    Location:
    The Netherlands
    LOL, this is getting embarrassing. I do wonder what type of security software they are using to protect their servers and data.
     
  3. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
  4. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    626
    Location:
    United States
    I tried to change my master password and I got a message that the system was over loaded and to try again later so I deleted the account which took me 6-7 tries.

    I keep all my passwords on a usb stick for emergencies.
     
  5. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,806
    I just hope they implement a better security strategy than what they have now, One that can hopefully prevent such thing's from happening.
     
  6. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    2,908
    Location:
    Australia
  7. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,052
    Location:
    USA
    Password changed.
     
  8. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    626
    Location:
    United States
    Any suggestions on alternatives?

    Sans a good recommendation I'll move to KeePass.
     
  9. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    Someday soon we'll just need a list of sites that have NOT been hacked. It'll be easier to keep track.
     
  10. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Funny that I already moved my important passwords to an offline platform... 2-Factor should be enough until I change the password.
     
  11. Kobayashi maru

    Kobayashi maru Registered Member

    Joined:
    Nov 7, 2009
    Posts:
    124
    Location:
    Drivin' all night my hands wet on the wheel....
    Been trying Keepass for a few days. It's good with the Firefox plugin. Roboform is ultimate, and cheap at present. LastPass is.... Last. Too many incidents out of your control.
     
  12. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    626
    Location:
    United States
    I was just trying it with Chrome and it's not a good experience with the extension I used. There is another to try.
     
  13. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    2,285
  14. Yura

    Yura Registered Member

    Joined:
    May 6, 2012
    Posts:
    20
    Any users of 1Password? I read good reviews on net but since it's time to move from lastpass I would like to know our forum member's opinions on this and other alternatives.
     
  15. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    626
    Location:
    United States
    Thanks, I ended up using the other one though.- CKP. ChromeiPass requires a plugin?

    Anyway KeePass does seem like a good option.
     
  16. hardhead

    hardhead Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    292
    Location:
    Blue Ridge, Va
    Been using Keepass for years and its really simple and easy to use. I highly recommend it.
     
  17. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
    password changed.
     
  18. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
  19. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,128
    You don't need extensions, just forget the too easy way of LastPass and similar.
    You can also sync with Keepass using Dropbox.
     
  20. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    730
    Good post - that's how I see it, too. Besides, I'm using 100,000 PBKDF2 rounds. There is simply no way right now how those intruders could decrypt my master password. Nevertheless, I've changed it as an additional safety measure using the Diceware word list.
     
  21. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    730
    And you really think that's on par with Lastpass security-wise? I don't.
     
  22. dogbite

    dogbite Registered Member

    Joined:
    Dec 13, 2012
    Posts:
    1,166
    Location:
    EU
    I did too, but this morning I have increased to 130k.
     
  23. Balthazar

    Balthazar Registered Member

    Joined:
    Nov 8, 2013
    Posts:
    137
    Location:
    Earth
    Ditto!
    My Keepass is also in an AppVM that is isolated from the network.

    I always have mixed feelings about cloud services and things like that. I don't like storing sensitive data on servers I don't or might not have access to.
     
  24. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Hacked servers, including security companies are becoming daily news. Services like these are high value targets. It amazes me that the people who worry about the theft of personal info and data from other companies servers would put their most sensitive data (passwords) on a server outside of their control. There's no way I'd put my passwords online. I'd rather deal with a little inconvenience than take that risk.
     
  25. Socio

    Socio Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    170
    Changed my password, however I am now looking into switching to 1password or Keepass as both are supposed to store passwords locally
     
Loading...