LastPass Asks Users To Change Password After Probable Breach

Found on ThreadPost on Wednesday, 04 May 2011

LastPassLastPass, a Web based password management firm, advised its customers to change the password they use to access the service following what the company discovered signs that its network may have been compromised.

An analysis of the outbound data transfer from the server is large enough to have included "people's email addresses, the server salt and their salted password hashes from the database."

Anybody who entrusts passwords to an online service is in a state of sin. I wouldn't give my passwords even to my closest friends, so why should I store them with a third party I don't even know? Now many people would say "because it's so convenient to access your passwords from anywhere". Guess what, convenience does not work together with security. It's a XOR decision.

Browse all articles« Previous « » Next »