LastPass being ‘paranoid’ as it tries to clean up its password mess

passwordIs nothing sacred anymore? Universal password storage service LastPass announced via its blog that a hacking attempt earlier this week potentially accessed its database of sensitive user information – namely, passwords. Still investigating the situation, LastPass announced on Wednesday it will “be paranoid and assume the worst”.

The service assured that users’ who use “strong, non-dictionary based password or pass phrase” should be safe. “Unfortunately not everyone picks a master password that’s immune to brute forcing,” Last Pass said, and advised that all users’ change their master passwords and that the site would be verifying their identities. Unfortunately, that backfired as the site was rushed with traffic from users scrambling to change their passwords and is now implementing an incremental switch to keep things moving.

LastPass admits this “may be an overreaction…but we’d rather be paranoid and slightly inconvenience you than to be even more sorry [sic] later.” And in light of PlayStation’s recent data disaster and alleged mishandling of the situation, overcompensating for the possible intrusion is LastPass’ best bet. The suit lodged against PlayStation claims that the company did not inform its customers of the hack in a timely manner, costing many of them stolen credit cards. CEO Joe Siegrist told PC World he’s extremely doubtful that mass amounts of user data was stolen, but says LastPass will continue to be overly cautious. Siegrist admits it’s more than possible some information was accessed, though he believes only the usernames and passwords to log into LastPass were penetrated, and that passwords stored in LastPass were not.

Siegrist says LastPass is probably acting a little “alarmist,” but is trying to do right by its customers and keep them as up to date on the issue as possible (LastPass’ team has been very responsive via Twitter). He also says the site is rolling out improved encryption standards and making sure users are logging in via familiar IP addresses as an extra precaution. It’s not an enviable position to be in, but it sounds like PlayStation could have taken a play out of LastPass’ book on how to act fast and inform customers on this one.

There are a slew of password storage sites online – Passpack, KeePass, Agatra – and if you’re a user, it’s time to strengthen your password’s security. You might hear these tips (and possibly disregard them) all the time, but a subtle reminder never hurts:

  • Don’t limit yourself to common phrases. Use as much of the keyboard as possible.
  • Use as many characters – and numbers – as allowed.
  • Use both upper and lowercase characters.
  • If you can use symbols, do.
  • Many sites will notify you as to how strong your password is, but if you want an outside opinion, run it through Microsoft’s or HowSecureIsMyPassword’s verifiers.
  • Don’t use personal information. This can’t be stressed enough.
  • Dictionary words are easy to crack.
  • Repetition is bad, as are easy to identify patterns (sequential numbers, QWERTY, repeated letters).
Web

Data stolen from HealthCare.gov includes partial SSNs and immigration status

Around 75,000 users have had their user data stolen from government site healthcare.gov, including information on their immigration status, whether they were pregnant, and partial social security numbers.
Computing

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.
Gaming

Every rumor about the PS5, including a new game from Luminous Productions

PlayStation 5 rumors have been circulating for over a year now but there's still plenty we don't know. Here's everything you need to know about the PS5, including rumors about its release, specs, and games.
Computing

Protecting your PDF with a password isn't difficult. Just follow these steps

If you need to learn how to password protect a PDF, you have come to the right place. This guide will walk you through the process of protecting your documents step-by-step, whether you're running a MacOS or Windows machine.
Computing

Turn your iPad into a display for your new Mac Mini with this workaround

The folks at Luna Display have figured out a workaround which lets you get the best of both worlds and use Wi-Fi and an adapter in order to turn your iPad into a display for the 2018 Mac Mini.
Computing

Latest SMS breach could allow hackers access to your online accounts

A new security breach that exposed more than 26 million text messages could be a huge nightmare for users relying on two-factor authentication. Many of the SMS on the database contained security codes and account reset links.
Computing

Microsoft’s Windows 10 Mail client goes freemium with the introduction of ads

Microsoft Windows Insiders are finding a nasty surprise inside the Mail app on the latest Windows 10 preview build in the form of banner ads. These ads will appear in the Mail app regardless of the webmail service you use.
Computing

All the best Apple MacBook deals for Black Friday 2018

Shoppers looking for a new Apple laptop could find huge savings on a new MacBook come Black Friday. Retailers are offering discounts as much as $650 on select MacBook, MacBook Air, and MacBook Pro models this holiday season.
Computing

Apple discontinues AirPort Extreme, Time Capsule as it exits Wi-Fi router business

Apple is now officially no longer in the router business. The company had already stopped selling the AirPort Express, and now its retail stores and websites have stopped offering the AirPort Extreme and Time Capsule.
Computing

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.
Computing

PDF to JPG conversion is quick and easy using these simple methods

Converting file formats can be an absolute pain, but it doesn't have to be. We've put together a comprehensive guide on how to convert a PDF to JPG, no matter which operating system you're running.
Computing

Crypto hangover could take blame for Nvidia’s potential GeForce RTX 2060 delay

Nvidia's delay in announcing a ship date for its GeForce RTX 2060 GPU could be due to a burst in the cryptocurrency mining bubble. Executives blamed the crypto hangover for an oversupply of inventory on existing GTX 1060 cards,
Computing

Save $900 on the ThinkPad X1 Carbon and more with Lenovo’s Cyber Monday sales

In the latest set of holiday sales, Lenovo is heavily discounting its fifth-generation ThinkPad X1 Carbon and other popular Windows laptops and 2-in-1s for the holiday shopping season.
Computing

Want to make one hard drive act like two? Here's how to partition in Windows

If you don't want all of your files stored in one place but only have one drive to work with, partitioning is your best way forward. Here's how to partition a hard drive in Windows 10, step by step.