LinkedIn Hacked ?

Dist said:
Lastpass, I use it myself and highly recommend it. Normally I don't trust things like password managers, but Steve Gibson (who coined the term spyware, and does weekly security podcasts, although some think he is a little crazy) did an in depth review on the technical aspects and said Lastpass is pretty much as safe as you can get with a password manager.

It allows easy generation of decent passwords, and easy management of unique password for each website you use.

Free to use for PC browsers, and for a small fee ($12 a year) you get the premium account, which include things like Yubikey support, and a mobile app.
Click to expand...

KIA said:
I use Keepass on the desktop & KyPass on iOS. I use Dropbox to sync the database.
Click to expand...

Good info, thanks very much. Didnt know this sort of software was available. I'll definitely be signing up to one of these tonight....and changing all of my passwords!
 
Dist said:
Lastpass, I use it myself and highly recommend it. Normally I don't trust things like password managers, but Steve Gibson (who coined the term spyware, and does weekly security podcasts, although some think he is a little crazy) did an in depth review on the technical aspects and said Lastpass is pretty much as safe as you can get with a password manager.

It allows easy generation of decent passwords, and easy management of unique password for each website you use.

Free to use for PC browsers, and for a small fee ($12 a year) you get the premium account, which include things like Yubikey support, and a mobile app.
Click to expand...

Awesome. Now i just need to think of a new password i wont forget :D
 
Homer-Simpson said:
The list that was released was not salted
Click to expand...

It's that which concerns me, means they should be getting through the file in no time at all. I'm also worried that this file will be linked to a file of e-mail addresses as well so you may see attacks on your e-mail address and/or accounts linked to that e-mail address.
 
Guys, can I ask a small question on Last Pass?

I downloaded the app, and I installed it in chrome. Now, what I am thinking of doing is go on each website I ever logged in (the ones LastPass remembers) and swap the password with one auto generated (and secure) by LastPass.

if I understand correctly, if I update the LastPass entry, it will save my login information for ever (with the new password secured behind a LastPass account).

Am I right?

Also, am i right in thinking they will be stored if I format my PC (as they are stored in the account). So if I log in on a new PC, I will find my saved passwords.

If you say yes to both, then I have found the perfect tool!
 
The__Malteser said:
Guys, can I ask a small question on Last Pass?

I downloaded the app, and I installed it in chrome. Now, what I am thinking of doing is go on each website I ever logged in (the ones LastPass remembers) and swap the password with one auto generated (and secure) by LastPass.

if I understand correctly, if I update the LastPass entry, it will save my login information for ever (with the new password secured behind a LastPass account).

Am I right?

Also, am i right in thinking they will be stored if I format my PC (as they are stored in the account). So if I log in on a new PC, I will find my saved passwords.

If you say yes to both, then I have found the perfect tool!
Click to expand...

Yes that's what i'm doing for the passwords. Simply changing every password to an auto generated 20 character one and saving them all.

As for formatting i'd say so:

BACKUP AND RESTORE
Never lose another password - ever!

An encrypted backup copy of your data is stored in your account at LastPass.com. Securely and seamlessly restore your passwords if you change computers.
Click to expand...
 
Skillmister said:
Yes that's what i'm doing for the passwords. Simply changing every password to an auto generated 20 character one and saving them all.

As for formatting i'd say so:
Click to expand...

Woooooooo, thanks!

I'll go through everything now! No more 1 password for 1 password for everything!
EDIT: FYI, it doesn't remember all the passwords. I just found it missed one/a few.
 
Last edited:
Why cant these moronic companies hire IT specialists with actual brains?

I mean really its never surprising that a company that uses Plain-bloody-text passwords is going to get hacked, i bet they figured enough walls between them and a hacker would be a enough...pfft.

I only found it slightly surprising that Sony stored things like this, my respect for them nosedived after that though.
 
One little thing to remember when using lastpass which is sometimes overlooked, it can autologin or autofill the boxes, meaning you should never use the 'remember me' or 'keep me logged in' on websites, that way your browser will never store your login credentials.

Some little things to also watch out for is that the autologin plays up on some sites, for example if you set it to autologin to twitter, when you go to the twitter settings page there is an email address box, and a password box, so lastpass will think 'oh, you are not logged on, let me fill that in and submit it for you'. So in them sort of circumstances you should set it up to never autologin to twitter.com/settings/account

Once you get to grips with it, and go over the features it is great, and I love the yubikey integration which I've set up to be required on everything but my home PC. So if someone does get my master password they still need my yubikey if they are trying to login from anything but my home PC :)
 
Dist said:
One little thing to remember when using lastpass which is sometimes overlooked, it can autologin or autofill the boxes, meaning you should never use the 'remember me' or 'keep me logged in' on websites, that way your browser will never store your login credentials.

Some little things to also watch out for is that the autologin plays up on some sites, for example if you set it to autologin to twitter, when you go to the twitter settings page there is an email address box, and a password box, so lastpass will think 'oh, you are not logged on, let me fill that in and submit it for you'. So in them sort of circumstances you should set it up to never autologin to twitter.com/settings/account

Once you get to grips with it, and go over the features it is great, and I love the yubikey integration which I've set up to be required on everything but my home PC. So if someone does get my master password they still need my yubikey if they are trying to login from anything but my home PC :)
Click to expand...

Yeah, already seeing that. Putting auto log-in off on everything.

40 character password with all types of symbols here we come.

How long will it take to crack. Hmm...
 
You must log in or register to reply here.
Back
Top Bottom