Lastpass Disaster | Computer Skeptic | courierjournal.net – courierjournal
I’ve recommended LastPass as a password manager for years. A password manager is a convenient tool that remembers our passwords for us. Some of you may have come across a headline recently that LastPass was catastrophically hacked. You may have read that all your personal data was stolen and that you must change the password on all your websites immediately or doom, despair, and agony awaits!
I’m often critical of hyped headlines but this is not too much of an exaggeration. LastPass really was hacked and a lot of data was stolen. That data has been published in areas of the internet where criminals live. If you use LastPass (as I do), how concerned should you be? I’d say about medium to high.
Some basics: LastPass is, arguably, the king of password managers. They were one of the first ones and are generally considered to be a market leader. It remembers your passwords on both mobile and desktop/laptop computers. In addition to remembering passwords, LastPass can store your various shipping addresses and credit card numbers in a secure place. LastPass will fill in that information for you instead of typing it all manually every time. That’s awfully convenient but, of course, this convenience and popularity make LastPass a valuable target for hackers.
So, some hacker somewhere gained access to a LastPass developer’s work computer. Exactly how this happened is not known, but this commonly happens through some sort of fake email scam. This developer had access to the underlying code for LastPass. That means that the hackers had access to that code, too. That hacker was able to download the entirety of LastPass’ user data. I suspect this developer is now available for employment elsewhere.
The hackers downloaded “meta” data. This metadata is unencrypted, easy-to-read stuff such as your IP address and the websites you visited. That’s not a big deal. Your internet provider knows all this, too, and it’s not really considered “private.” But the hackers also downloaded your encrypted data. Encrypted means that the data is scrambled and extremely (if not impossible) to break unless the “master password” is known. This last part may or may not be a problem for you.
I happen to have a very long, fairly complicated master password for my LastPass data. It would take someone a very long time to decrypt my vault of data. So I’m not too terribly worried about my data but some of you may not have used a strong password. If that describes you, you need to immediately change your LastPass password and begin the laborious process of changing the passwords to all the websites. This stinks but it needs to be done.
Jim Fisher owns Excel Computer Services in Florence. Reach him at www.ExcelAL.com
We’re always interested in hearing about news in our community. Let us know what’s going on!
Sorry, there are no recent results for popular videos.
Sorry, there are no recent results for popular commented articles.