LastPass, secure vault for all your passwords, was hacked
On Monday, password manager LastPass said that unknown hackers had broken into its servers, making off with user email addresses, password reminder answers, and even encrypted master passwords. The company, which promotes itself as the "last password you have to remember," allows people to store all their online passwords in one vault, accessed by a master password.
LastPass CEO Joe Siegrist said the company discovered the breach on Friday, and is "confident that our encryption measures are sufficient to protect the vast majority of users." The company has taken some precautions, he added, and encourages people with a "weak, dictionary-based master password (eg: robert1, mustang, 123456799, password1!)" or those who used their "master password as the password for other websites" to update their LastPass master password right away.
At Fast Company, Glenn Fleishman mostly agrees with LastPass's assessment that most accounts are safe, "so long as LastPass's description of how it holds user data is accurate and well implemented." But Joseph Bonneau, a cryptology researcher at Stanford, tells Wired that "this is still pretty bad," especially for people with weak passwords. "If they can brute force any master passwords, the attackers could extract password vaults and decrypt them for lots of users or some high value targets."
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
What pretty much everyone agrees on is that you need a really good master password. And it doesn't have to be a string of random gibberish, either. If you're looking for guidance, maybe Edward Snowden can help.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Peter has worked as a news and culture writer and editor at The Week since the site's launch in 2008. He covers politics, world affairs, religion and cultural currents. His journalism career began as a copy editor at a financial newswire and has included editorial positions at The New York Times Magazine, Facts on File, and Oregon State University.
-
Today's political cartoons - December 22, 2024
Cartoons Sunday's cartoons - the long and short of it, trigger finger, and more
By The Week US Published
-
5 hilariously spirited cartoons about the spirit of Christmas
Cartoons Artists take on excuses, pardons, and more
By The Week US Published
-
Inside the house of Assad
The Explainer Bashar al-Assad and his father, Hafez, ruled Syria for more than half a century but how did one family achieve and maintain power?
By The Week UK Published
-
Nobody seems surprised Wagner's Prigozhin died under suspicious circumstances
Speed Read
By Peter Weber Published
-
Western mountain climbers allegedly left Pakistani porter to die on K2
Speed Read
By Justin Klawans Published
-
'Circular saw blades' divide controversial Rio Grande buoys installed by Texas governor
Speed Read
By Peter Weber Published
-
Los Angeles city workers stage 1-day walkout over labor conditions
Speed Read
By Justin Klawans Published
-
Mega Millions jackpot climbs to an estimated $1.55 billion
Speed Read
By Catherine Garcia Published
-
Bangladesh dealing with worst dengue fever outbreak on record
Speed Read
By Catherine Garcia Published
-
Glacial outburst flooding in Juneau destroys homes
Speed Read
By Catherine Garcia Published
-
Scotland seeking 'monster hunters' to search for fabled Loch Ness creature
Speed Read
By Justin Klawans Published