Lastpass has been hacked
Password manager lastpass has been hacked in the latest round of cyber security news. On Friday their technical team discovered unknown Hackers have stolen password hashes (the result of the algorithm used to encrypt your password is) and other important information.
What is lastpass?
lastpass is a cloud based central password management tool. You store all of your online passwords into a ‘vault’ and can fill in forms and login details with a few clicks. No passwords to remember. Nice and easy.
Am I a Lastpass user?
Two easy ways of finding out
- Visit lastpass.com and send a password reminder request. If you receive an email. Login and change that password!
- Do you have the browser plugin available? Looks for this icon in your web browser.
What should I do now?
Change your lastpass master password. This should resolve the immediate danger but we strongly advise not using password managers that store information in the cloud. Having a password strategy or even an offline encrypted copy of your passwords is the best way to avoid these types of data leaks.
(We use keepass on an encrypted volume)
Keepass has the advantage of being able to choose where to store your data, the entire database is encrypted with strong algorithms and you can even place the file onto an encrypted USB or Hard drive for extra protection. SImply not having your password file in the cloud is going to offer much better security anyway.
You can also see my article on password security here