Another LastPass Security Incident

Ice Tea

Ice Tea

Ice Tea

Soldato
Joined
1 Nov 2004
Posts
4,957
blog.lastpass.com

Security Incident December 2022 Update - LastPass

We are working diligently to understand the scope of the incident and identify what specific information has been accessed.
blog.lastpass.com blog.lastpass.com

We have determined that an unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers’ information. Our customers’ passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.
Click to expand...

Not sure if this has already been posted?
 
Are there better alternative to LastPass?

I’ve been thinking about moving to use exclusively Apple KeyChain but I’m unsure of the drawbacks. I understand it is now possible to use with windows but the integration might not be that great.
 
Last edited:
I've been forced into KeePass with the last couple of companies I've worked at and I really don't like the interface.
 
In all honesty, companies like LastPass will be under constant attacks due to the reward that the hackers may get from managing to access a whole cache of passwords.

All they can really do is stave off the majority of attacks and, when they are breached, have a system in place (like the Zero Knowledge architecture they state) which will give users sufficient time to change the passwords before or if the encryption is broken.
 
Stretch said:
Are there better alternative to LastPass?

I’ve been thinking about moving to use exclusively Apple KeyChain but I’m unsure of the drawbacks. I understand it is now possible to use with windows but the integration might not be that great.
Click to expand...
I dabbled with 1password and it was a disaster. Would likely be easier if you were a bit more techy than me, have more patience than me and have a mac. Otherwise getting your info out of apple is extremely tedious and difficult. You can do a free trial of 1password and see if you like it but I hated it.
Have a flick through last two pages of this thread. https://forums.overclockers.co.uk/threads/password-managers.18895708/page-13
 
Richie said:
In all honesty, companies like LastPass will be under constant attacks due to the reward that the hackers may get from managing to access a whole cache of passwords.

All they can really do is stave off the majority of attacks and, when they are breached, have a system in place (like the Zero Knowledge architecture they state) which will give users sufficient time to change the passwords before or if the encryption is broken.
Click to expand...
Considering the treasure trove behind the locked vault doors of lastpass I wonder how often the employees face IT attacks on their personal systems, as well as bribery attempts.
 
Last edited:
I ditched lastpass and have a self hosted bitwarden, that might come with its own risks but it's got better and better and very happy.. self hosting gives all features for free..
 
Stretch said:
Are there better alternative to LastPass?

I’ve been thinking about moving to use exclusively Apple KeyChain but I’m unsure of the drawbacks. I understand it is now possible to use with windows but the integration might not be that great.
Click to expand...

1password

I was thinking about switching to keychain as well, but I really like 1p.
 
Vandle said:
I dabbled with 1password and it was a disaster. Would likely be easier if you were a bit more techy than me, have more patience than me and have a mac. Otherwise getting your info out of apple is extremely tedious and difficult. You can do a free trial of 1password and see if you like it but I hated it.
Have a flick through last two pages of this thread. https://forums.overclockers.co.uk/threads/password-managers.18895708/page-13
Click to expand...

What did you dislike about it? (1p)
 
I moved from lastpass and Google authenticator and consolidated everything to Bitwarden and Authy. Very easy to keep things synced across PC and mobiles devices and the UIs seem perfectly functional to me.
 
darkgen said:
I moved from lastpass and Google authenticator and consolidated everything to Bitwarden and Authy. Very easy to keep things synced across PC and mobiles devices and the UIs seem perfectly functional to me.
Click to expand...
I found a year ago, Bitwarden's implementation as a phone app in autofilling passwords not that great, but it's absolutely improved immensely in the last 12 months.. It might finally be good enough for the Mrs to use (We tried it once, she forgot her master password and couldn't figure out how to switch between apps smoothly when it couldn't auto-fill and my patience ran out.)
 
You must log in or register to reply here.
Back
Top Bottom