I'll be sure to update the blog when we decide which solution to use. I'm continuing to use LastPass until I've found a viable alternative that does everything I want. What else am I doing?Īt this point, nothing. Whatever you decide to do, make sure going forward to use a secure vault passphrase, and don't re-use that passphrase anywhere else. Make sure to use a secure vault passphrase This is the type of breach they are designed to withstand, and the security benefits from using one far outweigh the potential risks of having the database stolen. Whatever you decide, continue using a password safe. Just do your research and make sure to pick one from a trusted, mainstream company that has all the features you want. There are several articles that list possible alternatives. This most recent issue is yet another reason why we are going to look for another alternative. This has been a project on our list for a number of years due to other reasons, cost and application performance being the major two. Here at the IAS, we are taking a look at a number of possible alternatives. There are a number of password vaults out there to choose from, you just have to weigh the options of which one works best for you. There is an undeniable level of trust lost due to this breach, and I wouldn't blame anyone for looking at another solution. This is definitely still disappointing news to come from LastPass. This means that when quantum computers are big enough to be a threat to encryption standards being used today, our LastPass vaults are still resistant to being cracked. The encryption being used to store your passwords is AES-256, which has been proven to be quantum resistant. It will take many decades for someone to be able to successfully brute force your main password. If you chose a secure password to secure your password vault within LastPass, you should be ok. LastPass, the password manager of choice here at the IAS for years, recently announced that their data store of user password safes had been breached and those encrypted safes had been stolen. The natural fear has always been that the passwords stored in the cloud would be stolen, which is why password managers use strong encryption to keep them safe. We've been recommending since 2013 that folks use a password manager to securely create and store your passwords so that you don't have to remember them. We, however, remain rather taken by the Terence Conran leatherbound "Logins & Passwords" book.Remembering all your passwords is difficult. Naturally, some users have been quick to trumpet the names of competing managers to which they intend to jump. Such is the level of slickness with which the tools integrate both within browsers and the iOS and Android platforms that users frequently never know what password has been used. Password managers are tremendously useful tools in a world where every website seems to require a login with ever more convoluted passwords. This hasn't been working for me for 3+ days - neither Chrome extension or website: /YJ8BijMhYN Still, at least whoever is running the LastPass Status Twitter account said the company was looking into the wave of wailing, before once again insisting that "no service issues have been identified." Charles Lehardy JanuI'm sorry Dave, I'm afraid I can't do thatįanning the flames is the company's attitude, which seems akin to the "works alright on my PC, guv" so beloved by techies and users alike. One thing I'm curious about is maybe it's only happening with people who have had LastPass for a certain amount of time? I've had mine since 2014. Multiple browsers, multiple devices, same issue everywhere! I got a reply from LastPass support saying to clear my cache. Some have indulged in a bit of amateur sleuthing to identify a pattern in the affected accounts. Customers have been asked to clear caches, reinstall apps, everything bar the immortal "turn it off and turn it on again" to no avail. While the company's status page insists that everything is hunky-dory, the volume of wailing indicates that something has gone awry. The best part is that LP says everything is ok: For some, the problem has been going on for since three days I can't log-in, getting message "An error has occurred while contacting the LastPass server. Social media is awash with customers unable to connect to the service either via the company's website or through its various apps. In fact, for some users it is still horizontal. Updated Password manager LastPass appears to have had a big night out on Friday, to the point where the service needed a lengthy lie down over the weekend.
0 Comments
Leave a Reply. |