Wednesday, 17 June 2015

Data LastPass Users Stolen By Hacking

Attackers have managed to break into the network of online password manager LastPass and there have stolen user data. These are e-mail addresses, reminders for passwords, user salts per server and authentication hashes.

LastPass is a popular cloud service where users their passwords for various websites and services in a "safe" to store. In a warning to users LastPass says it is confident that the measures encryption measures are sufficient to protect by far the most users. LastPass applies various measures to protect the authentication hash, making it difficult to retrieve the original password.

However, the company has announced additional measures. For example, users who log in from a new device or IP address first verify their account via e-mail unless multi-factor authentication is enabled. Also, users will be warned to change their master password. Furthermore, all users will be notified via e-mail. Since the encrypted "safe data" has not been captured, users their passwords to adjust not stored by LastPass.

No comments:

Post a Comment