LastPass Confirms Its Second Data Breach in Three Years
I have been using and recommending LastPass for a few years. Despite the breach, I am confident that my data is still secure - all the data is stored encrypted and the encryption key is not available to LastPass at all.
I'm still using it
I'm still happy with them and don't plan to change. It's not perfect but it works a lot better and much more securely than a yellow sticky or a book of passwords. In particular, it encourages the use of different passwords for every single site and not many permutations on one theme: hackers love that.
You should use a Password Manager too
LastPass remains safe to use but it's not the only one available, this what the How-To Geek says.
News from Review Geek (Review Geek – Make Gadgets Fun Again)
Uh oh. The password management company LastPass informed users today that it has suffered a data breach and security incident. According to the report, this hack led to the theft of proprietary Lastpass source code and other technical information.
While this is certainly bad news and something LastPass even has a blog post about, the password manager claims that customer data and accounts are safe. The report goes on to state that no master passwords or encrypted vault data were not compromised or obtained by these bad actors.
According to CEO Karim Toubba, “We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information. Our products and services are operating normally.”
For those unaware, password managers like LastPass let you securely store all of your passwords, payment info, and essential login details in one highly encrypted database or vault. Then, you access all of those with one master password.