Jump to content
  • Sign Up
×
×
  • Create New...
New feature: 1 Vote = 0.10€ for server Owner!

Is LastPass safe? | Digital Trends

Pelican Press

By Pelican Press,
in World News

 Share

Recommended Posts

  • Diamond Member
Pelican Press Warlord

Pelican Press 0

Posted
  • Diamond Member
Posted



Is LastPass safe? | Digital Trends

Digital Trends

LastPass has been in the news quite a bit over the past decade. Following some data breaches and security incidents, you may be wondering if it’s now safe to use the well-known password manager — whether you’re a previous, current, or potential LastPass user.

Let’s take a look at LastPass’ current features and security measures along with the previous incidents.

What is LastPass?

data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
Digital Trends

This is the hidden content, please
is a password management application available on the web, desktop, and mobile, as well as with browser extensions. It offers multifactor authentication, biometric login, autofill, a password generator, and dark web monitoring to go along with its basic password management features.

As for security,

This is the hidden content, please
, PBKDF2 hashing with SHA-256 salting, and a zero-knowledge model. LastPass also holds several security certifications including ISO 27001, TRUSTe, SOC3, and others.

Currently, LastPass has over 33 million users and an

This is the hidden content, please
.

This all sounds terrific, right? So, what’s the problem?

LastPass security incidents

data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
Madartzgraphics / Pixabay

There’s a reason people are asking if LastPass is safe to use. Security breaches, along with the theft of information over the years, are certainly cause for concern. To understand more about these incidents, let’s look at a brief timeline of what occurred.

2011: Security notification

LastPass found an irregularity in its network traffic along with one to match in one of its databases. Even though it didn’t find a specific breach, LastPass

This is the hidden content, please
for ***** that some of its data may have been hacked.

2015: Security breach

This is the hidden content, please
that it “discovered and blocked suspicious activity” on its network. The notification stated that email addresses, password reminders, server per user salts, and authentication hashes were compromised. However, it didn’t find evidence that user vault data was stolen and stated that user accounts were not accessed.

2021: Third-party trackers and master passwords

A LastPass user discovered several third-party trackers in the Android mobile app. While similar password managers also contained these types of trackers, the point was made that LastPass had the most between it, 1Password, Bitwarden, and Dashlane.

“No sensitive personally identifiable user data or vault activity could be passed through these trackers. These trackers collect limited aggregated statistical data about how you use LastPass,which is used to help us improve and optimize the product,” said the

This is the hidden content, please
by a LastPass representative.

Later in 2021, it was reported that LastPass users were notified via email that their master passwords were compromised and login attempts with those passwords were blocked. However, a

This is the hidden content, please
that the company investigated these reports and “determined the activity is related to fairly common ****-related activity …”

2022: Data theft

Probably the most memorable security incident occurred when a hacker stole a copy of the LastPass customer database, along with password vaults and data including names, email and billing addresses, partial credit card numbers, and URLs. There was a mix of encrypted and unencrypted data involved.

The

This is the hidden content, please
starts with the above August 2022 occurrence. It then with updates through the next few months, explaining its investigation into unusual activity in a shared third-party cloud storage service used to house backups along with other data.

Later in 2022, LastPass stated that data obtained in the original August incident was used to gain access to customer information, but that passwords remained encrypted.

The person or entity was able to obtain source code and technical information to later target a LastPass employee. They obtained credentials and keys in order to access and decrypt storage volumes within that cloud service. They then then copied information from a backup containing company names, usernames, email and billing addresses, phone numbers, and IP addresses.

In September 2023, a link was found between the 2022 data theft incident and more than

This is the hidden content, please
since the previous December.

Additional LastPass security measures

As mentioned earlier, LastPass uses the industry standard for encryption, PBKDF2 hashing with salting, and a zero-knowledge method for protecting your data.

It also undergoes routine audits and testing of its service and infrastructure, and provides users access to its security team for reporting possible weaknesses. LastPass also uses what’s called a Bug Bounty Program where white-hat hackers can submit bugs they find.

Should you use LastPass?

data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
Methodshop / Pixabay

With the current security measures, a good feature set, and millions of users, it sounds reasonable to use LastPass as your go-to password manager — if you can look past the security incidents spanning over a decade.

But that’s really what it comes down to. Can you look past the incidents? Would you feel that your data is safe? How much trust are you willing to put in LastPass?

There are many companies out there with password management products that haven’t made headlines or had incidents like LastPass. And, it certainly seems like LastPass has a permanent target on its back from hackers and thieves. Hopefully, the company is taking the necessary measures to fix the problems, but right now, you’ll have to decide whether it’s worth the risk.

Editors’ Recommendations










This is the hidden content, please

Computing,LastPass,password manager,Software,software project 1
#LastPass #safe #Digital #Trends

This is the hidden content, please

0
Link to comment
https://hopzone.eu/forums/topic/34515-is-lastpass-safe-digital-trends/
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.

  I accept