Researchers to reveal critical LastPass issues in November 2015

Status
Not open for further replies.
frogboy

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Content source
http://www.ghacks.net/2015/09/15/researchers-to-reveal-critical-lastpass-issues-in-november-2015/
Password managers are great as they store a virtually unlimited number of important information, accounts, passwords, credit card numbers and other sensitive data. They keep you from having to memorize unique strong passwords, or use other means to remember them such as writing them down.

All the data is protected by a single master password, and, if supported, by additional means of protection such as two-factor authentication.

Security of the password manager and its database is of utmost importance, considering that attackers would gain access to all the data stored by a user if they somehow managed to gain access to the account.

That single access would give the attacker access to most of the accounts of that user and even data that is not linked directly to the Internet if it has been added to the vault as well.


Full article. Researchers to reveal critical LastPass issues in November 2015 - gHacks Tech News
 
  • Like
Reactions: OokamiCreed, XhenEd, Cats-4_Owners-2 and 3 others
Tony Cole

Tony Cole

Level 27
Verified
May 11, 2014
1,639
Now I am worried, I have 2-step verification enabled but they can bypass this. I use the lastpass enterprise edition and the firefox plugin, should I remove that????

I think my auntie (who's 66) is right, it's too complicated, people can hack and the old way of pen and paper and money, not credit cards is the answer - she refuses to go online or have an email. I've had, on 5 occasions people trying to take money from my HSBC account.
 
  • Like
Reactions: LabZero and Cats-4_Owners-2
Cats-4_Owners-2

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
Tony Cole said:
Now I am worried, I have 2-step verification enabled but they can bypass this. I use the lastpass enterprise edition and the firefox plugin, should I remove that????

I think my auntie (who's 66) is right, it's too complicated, people can hack and the old way of pen and paper and money, not credit cards is the answer - she refuses to go online or have an email. I've had, on 5 occasions people trying to take money from my HSBC account.
Click to expand...
I wouldn't worry (yet) @Tony Cole, your auntie's method (& Klipsh's & Sr. Normal's) works because it is consistent but neither is it foolproof. Just keep a close eye on your bank accounts. I agree with Umbra, that your 2-step verification should be enough. If I were smarter, I'd stop being lazy & activate my own!:p It is too soon to jump ship from The H.M.S. Lastpass!:)
 
  • Like
Reactions: OokamiCreed, Tony Cole, Sr. Normal and 2 others
BoraMurdar

BoraMurdar

Community Manager
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
I will quote LastPass forums Admin
One thing to keep in mind is that the attack is not against our cloud servers, it requires access to your machine. If your machine is pwned, then you have problems no matter which password manager you're using.
...Martin continues to present his findings at various conferences, although the title of his presentation is definitely clickbait. Please read the post on his site; he responsibly disclosed his findings to us, and there is no reason he wouldn't do so if there were anything new.
Click to expand...
r3gj2.jpg
 
  • Like
Reactions: Cats-4_Owners-2, OokamiCreed and LabZero
OokamiCreed

OokamiCreed

Level 18
Verified
Honorary Member
Top Poster
Well-known
May 8, 2015
881
I'm always using LastPass. Just like I'm always using PIA VPN. I trust them. Simple as that. They know what they are doing. There is no "best" software. If there are no vulnerabilities, it just that they hide them from the public, or no one is willing to find them. LastPass ALWAYS tells you if there is a problem. Put trust in companies that are truthful. Not many of them left.
 
  • Like
Reactions: Welldone, 37507, Azure and 3 others
Status
Not open for further replies.

Similar threads

vtqhtr413
    • Like
    • +Reputation
Security News VPNs may become victim to password spraying attacks, Cisco warns
Replies
0
Views
1,184
Security News
vtqhtr413
vtqhtr413
Brownie2019
    • Like
Unlimited Giveaway aiseesoft iPhone Password Manager
Replies
0
Views
375
Giveaways, Promotions and Contests
Brownie2019
Brownie2019
[correlate]
    • Wow
    • Like
    • +Reputation
Proton Pass Retains Passwords in Cleartext Form in Memory
Replies
5
Views
1,933
News Archive
Ink
Ink

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top