LastPass reports a security breach, time to change your master password

MacBook, coffee mug, and cactus

Last updated on December 10th, 2021

Popular cloud-based password management service LastPass has reported a breach of its servers, with some information stolen. While it’s not the (encrypted) user data (i.e., passwords), the data thieves did steal password reminders, email addresses, server per user salts, and authentication hashes. The last two are items used to verify account access. The company has posted more about this on their corporate blog.

While all of the above should be encrypted enough to make using the stolen info troublesome, it’s still advisable for everyone using LastPass to change their master password.

Although this is one of the downsides of using an online-based password manager, I still think LastPass’ service is pretty well done and convenient. It also beats trying to create/remember dozens of hard-to-guess secure passwords for multiple sites, or storing them in a plain-text format (a text document file, etc.). Of course, there’s alternate services available, including 1Password and KeePass.

Anthony Dean

Anthony Dean is the owner of Diverse Tech Geek and Diverse Media Notes.

View all posts by Anthony Dean →

Leave a Reply

Your email address will not be published. Required fields are marked *