Major Security Issue for LastPass Just Announced

ByCraig

I have often sung the praises of the LastPass Password Manager. Off the top of my head, I only know a couple of passwords for all of the websites that I access. And each website I visit has a different password. Instead of trying to keep up with a book or sticky notes where I have written all of my passwords, I simply use LastPass to manage all of it for me. Most of my websites allow me to have LastPass populate the login credentials for each website I access. And if I’m asked for a “strong password” when I sign up for a new service or website, LastPass is right there at my digital fingertips, ready to produce a strong password of any length of characters with letters, numbers, capitals, and symbols.

Unlike many other password managers, LastPass has a proprietary way of storing my information on their servers that can only be accessed with my LastPass password, so no one can steal my passwords … even if they were to be able to hack into LastPass’s main database. If I have logged out of the LastPass Extension on my browser, no one access my passwords and secure notes, even if they have my computer. Or phone. Or tablet. My master password unlocks the encrypted password vault online. The bottom line is that I love the way that technology can help me with technology.

Unfortunately, LastPass has been in the headlines recently. The most disturbing one appeared just moments ago. Evidently, there is a major security flaw in the software. According to the story, LastPass is recommending that users alter the way they are using their password manager: Disable the browser extension and use the LastPass Vault to access the websites rather than going directly to a webpage to use the self-populating features of the plugin.

Yes, this is serious business. Even if you don’t think you have anything important to hide, your personal privacy and identity is something worth protecting (take it from someone whose identity has been compromised by someone who used my credit card information to make a few purchases).

I still believe that LastPass is the best solution for managing all those passwords. But for the time being, I’m going to be a little more careful in the way I use it. You should too!

Similar Posts

| | |

WordPress at 30%

Several sources reported yesterday that WordPress runs on a whopping 30% of the top 10 Million most popular websites on the entire Internet.  Also, WordPress currently powers 60.2% of those websites that run a Contact Management System (CMS). One of the sources notes that my alma mater, UNC-Chapel Hill has recently moved its website to…

| |

Another Phishing Scam

phish verb (used without object) to try to obtain financial or other confidential information from Internet users, typically by sending an email that looks as if it is from a legitimate organization, usually a financial institution, but contains a link to a fake website that replicates the real one. (Source: https://www.dictionary.com/browse/phishing) Steve Dotto has identified…