1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Lastpass report they were hacked!

Discussion in 'BlackHat Lounge' started by nad999, Jun 16, 2015.

  1. nad999

    nad999 Junior Member

    Joined:
    Sep 20, 2012
    Messages:
    147
    Likes Received:
    106
    They were apparently hacked on Friday and I learnt this in the news today. They officially want us to believe it is not too serious.

    Another reminder that convenience does not always rhyme with security. You might want to change your master passwords.

    https://blog.lastpass.com/2015/06/lastpass-security-notice.html/
    http://gizmodo.com/lastpass-defender-of-our-passwords-just-got-hacked-1711475964
     
    • Thanks Thanks x 1
  2. THUNDERELVI

    THUNDERELVI Elite Member

    Joined:
    Sep 12, 2009
    Messages:
    2,547
    Likes Received:
    2,200
    Gender:
    Male
    Location:
    W3
    Since I'm kinda paranoid about security, I have a master file with passwords for everything online. This file is of course hidden, encrypted and if the decryption key is entered 3 times wrong, everything is erased automatically. I keep it offline in multiple USB-s; no cloud, no Lastpass, no other crap that is out of my control and can be hacked any day.
    Call me crazy but it works :D
     
    • Thanks Thanks x 1
  3. imserious

    imserious Senior Member

    Joined:
    Mar 27, 2009
    Messages:
    950
    Likes Received:
    562
    Do you enter passwords manually each time?

    Thanks OP. I just enable two factor auth on Roboform -
    Sometimes you need things like this to do somthing so important.
     
  4. THUNDERELVI

    THUNDERELVI Elite Member

    Joined:
    Sep 12, 2009
    Messages:
    2,547
    Likes Received:
    2,200
    Gender:
    Male
    Location:
    W3
    Mostly yes I do (copy/paste) especially highly sensitive information such as my money sites, bank accounts, affiliate accounts, paypal, etc... The less important ones I might use an auto-fill since there will be less damage if they are hacked somehow. And also I forgot, as you said, ALWAYS use two-factor authentication in everything that supports it.