Hackers were basically free to come and go after one of the world’s most popular independent password managers, LastPass, was hacked in November. Writes HWSW.
One of the company’s third-party cloud storages was attacked by a hacker in November, the results of the investigation were reported by LastPass. Based on the results, the company basically admitted that all information (confidential and unencrypted) was accessed by the hackers during the hack.
This affects a huge user base, LastPass has approximately 33 million individual customers and over 100,000 corporate customers. The company holds sensitive data such as passwords and login IDs.
With the service, IDs and passwords are kept in so-called “digital safes”, which are unlocked by a master password – usually this is known only to the owner. However, hackers also got hold of these safes during a hack: LastPass says they’re incredibly difficult to crack, but only if the owner follows instructions. That is, you set a long, complex and insufficiently used password as the master password.
The November attack was the second attack against LastPass this year. The first happened in the summer: using the data obtained here, attackers managed to compromise the system through employee access.
LastPass is one of the most popular password managers in the world, and a few years ago they designed their packages in such a way that the free version was more than enough for most users. This changed at the end of March, and became paid – we’ve written about it here in detail.
If you want to know how secure your password or a similar password is, You can try it on this page. “1234” can be cracked in zero seconds, “secret” in 0.2 seconds, while, for example, “TelexaLegj0BB” can be cracked in 130.