Skip to main content
  1. Home
  2. Computing
  3. News

LastPass being ‘paranoid’ as it tries to clean up its password mess

Molly McHugh
By

passwordIs nothing sacred anymore? Universal password storage service LastPass announced via its blog that a hacking attempt earlier this week potentially accessed its database of sensitive user information – namely, passwords. Still investigating the situation, LastPass announced on Wednesday it will “be paranoid and assume the worst”.

The service assured that users’ who use “strong, non-dictionary based password or pass phrase” should be safe. “Unfortunately not everyone picks a master password that’s immune to brute forcing,” Last Pass said, and advised that all users’ change their master passwords and that the site would be verifying their identities. Unfortunately, that backfired as the site was rushed with traffic from users scrambling to change their passwords and is now implementing an incremental switch to keep things moving.

Recommended Videos

LastPass admits this “may be an overreaction…but we’d rather be paranoid and slightly inconvenience you than to be even more sorry [sic] later.” And in light of PlayStation’s recent data disaster and alleged mishandling of the situation, overcompensating for the possible intrusion is LastPass’ best bet. The suit lodged against PlayStation claims that the company did not inform its customers of the hack in a timely manner, costing many of them stolen credit cards. CEO Joe Siegrist told PC World he’s extremely doubtful that mass amounts of user data was stolen, but says LastPass will continue to be overly cautious. Siegrist admits it’s more than possible some information was accessed, though he believes only the usernames and passwords to log into LastPass were penetrated, and that passwords stored in LastPass were not.

Related

Siegrist says LastPass is probably acting a little “alarmist,” but is trying to do right by its customers and keep them as up to date on the issue as possible (LastPass’ team has been very responsive via Twitter). He also says the site is rolling out improved encryption standards and making sure users are logging in via familiar IP addresses as an extra precaution. It’s not an enviable position to be in, but it sounds like PlayStation could have taken a play out of LastPass’ book on how to act fast and inform customers on this one.

There are a slew of password storage sites online – Passpack, KeePass, Agatra – and if you’re a user, it’s time to strengthen your password’s security. You might hear these tips (and possibly disregard them) all the time, but a subtle reminder never hurts:

  • Don’t limit yourself to common phrases. Use as much of the keyboard as possible.
  • Use as many characters – and numbers – as allowed.
  • Use both upper and lowercase characters.
  • If you can use symbols, do.
  • Many sites will notify you as to how strong your password is, but if you want an outside opinion, run it through Microsoft’s or HowSecureIsMyPassword’s verifiers.
  • Don’t use personal information. This can’t be stressed enough.
  • Dictionary words are easy to crack.
  • Repetition is bad, as are easy to identify patterns (sequential numbers, QWERTY, repeated letters).

Editors' Recommendations

Topics
Molly McHugh
Molly McHugh
Former Digital Trends Contributor
Before coming to Digital Trends, Molly worked as a freelance writer, occasional photographer, and general technical lackey…
How to do hanging indent on Google Docs
Google Docs in Firefox on a MacBook.

The hanging indent is a classic staple of word processing software. One such platform is Google Docs, which is completely free to start using. Google Docs is packed with all kinds of features and settings, to the point where some of its more basic capabilities are overlooked. Sure, there are plenty of interface elements you may never use, but something as useful as the hanging indent option should receive some kind of limelight.

Read more
How to disable VBS in Windows 11 to improve gaming
Highlighting VBS is disabled in Windows 11.

Windows 11's Virtualization Based Security features have been shown to have some impact on gaming performance — even if it isn't drastic. While you will be putting your system more at risk, if you're looking to min-max your gaming PC's performance, you can always disable it. Just follow the steps below to disable VBS in a few quick clicks.

Plus, later in this guide, we discuss if disabling VBS is really worth it, what you'd be losing if you choose to disable it, and other options for boosting your PCs gaming performance that don't necessarily involve messing with VBS.

Read more
How to do a hanging indent in Microsoft Word
A person typing on a keyboard, connected to a Pixel Tablet.

Microsoft Word is one of the most feature-rich word processing tools gifted to us human beings. In fact, the very word “Word” has invaded nomenclature to the point where any discussion of this type of software, regardless of what the product is actually called, typically results in at least one person calling the software “Word.”

Read more