LastPass being ‘paranoid’ as it tries to clean up its password mess

passwordIs nothing sacred anymore? Universal password storage service LastPass announced via its blog that a hacking attempt earlier this week potentially accessed its database of sensitive user information – namely, passwords. Still investigating the situation, LastPass announced on Wednesday it will “be paranoid and assume the worst”.

The service assured that users’ who use “strong, non-dictionary based password or pass phrase” should be safe. “Unfortunately not everyone picks a master password that’s immune to brute forcing,” Last Pass said, and advised that all users’ change their master passwords and that the site would be verifying their identities. Unfortunately, that backfired as the site was rushed with traffic from users scrambling to change their passwords and is now implementing an incremental switch to keep things moving.

LastPass admits this “may be an overreaction…but we’d rather be paranoid and slightly inconvenience you than to be even more sorry [sic] later.” And in light of PlayStation’s recent data disaster and alleged mishandling of the situation, overcompensating for the possible intrusion is LastPass’ best bet. The suit lodged against PlayStation claims that the company did not inform its customers of the hack in a timely manner, costing many of them stolen credit cards. CEO Joe Siegrist told PC World he’s extremely doubtful that mass amounts of user data was stolen, but says LastPass will continue to be overly cautious. Siegrist admits it’s more than possible some information was accessed, though he believes only the usernames and passwords to log into LastPass were penetrated, and that passwords stored in LastPass were not.

Siegrist says LastPass is probably acting a little “alarmist,” but is trying to do right by its customers and keep them as up to date on the issue as possible (LastPass’ team has been very responsive via Twitter). He also says the site is rolling out improved encryption standards and making sure users are logging in via familiar IP addresses as an extra precaution. It’s not an enviable position to be in, but it sounds like PlayStation could have taken a play out of LastPass’ book on how to act fast and inform customers on this one.

There are a slew of password storage sites online – Passpack, KeePass, Agatra – and if you’re a user, it’s time to strengthen your password’s security. You might hear these tips (and possibly disregard them) all the time, but a subtle reminder never hurts:

  • Don’t limit yourself to common phrases. Use as much of the keyboard as possible.
  • Use as many characters – and numbers – as allowed.
  • Use both upper and lowercase characters.
  • If you can use symbols, do.
  • Many sites will notify you as to how strong your password is, but if you want an outside opinion, run it through Microsoft’s or HowSecureIsMyPassword’s verifiers.
  • Don’t use personal information. This can’t be stressed enough.
  • Dictionary words are easy to crack.
  • Repetition is bad, as are easy to identify patterns (sequential numbers, QWERTY, repeated letters).
Home Theater

Kanopy privacy breach reveals which movies members have been streaming

Free video streaming site, Kanopy, has been inadvertently publishing millions of lines of web log data for days, according to a new security report. A bad actor could guess a person's identity and see what they've been watching.

Secure your Excel documents with a password by following these quick steps

Excel documents are used by people and businesses all over the world. Given how often they contain sensitive information, it makes sense to keep them from the wrong eyes. Thankfully, it's easy to secure them with a password.

Here's how you can control your PS4 right from your phone

Sony built the PlayStation 4 with smartphone and mobile integration in mind. Take a look at our guide for connecting your smartphone or tablet to a PS4, so you can get the most out of the system while on the go.

After fourth attack, hacker puts personal records of 26M people up for sale

A serial hacker going by the name of Gnosticplayers is selling the personal data of 26 million people who have been using the services of six different companies from across the world.

Go hands-free in Windows 10 with speech-to-text support

Looking for the dictation, speech-to-text, and voice control options in Windows 10? Here's how to set up Speech Recognition in Windows 10 and use it to go hands-free in a variety of different tasks and applications within Windows.

Get the most out of your high-resolution display by tweaking its DPI scaling

Windows 10 has gotten much better than earlier versions at supporting today's high-resolution displays. If you want to get the best out of your monitor, then check out our guide on how to adjust high-DPI scaling in Windows 10.

Looking for a Chromebook? The Google PixelBook just got a $200 price cut

Once relatively obscure, Chromebooks have come into their own in a big way in recent years. One of our favorites is the super-sleek Google Pixelbook, and it's on sale right now from Amazon for $200 off, letting you score this premium laptop…

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

We're glad to see that USB-C is quickly becoming the norm. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone. We've got USB-C to USB-C and USB-C to USB-A.

Nvidia’s GTX 1650 graphics card could be just a slight upgrade over the 1050 Ti

Rumors suggest Nvidia might soon launch the GTX 1650, and a leaked benchmark listing from Final Fantasy XV suggests that the new graphics card could be just a slight upgrade over last generation's GTX 1050 Ti. 

Get ready to say goodbye to some IFTTT support in Gmail by March 31

If This Then That, the popular automation service, will drop some of its support for Gmail by March 31. The decision comes as a response to security concerns and is aimed to protect user data.

Get the new Dell XPS 13 for $750 with this limited-time deal

Dell is currently running a limited time deal lasting through Thursday, March 28, where you can bring home a version of this year's new XPS 13 for around $750 with the use of a special coupon code. 

This is the easiest way to save your iPhone data to your computer

Living in fear of losing your contacts, photos, messages, and notes on your iPhone? Fear no more -- in this guide, we'll break down exactly how to back up your iPhone to your computer using Apple's iTunes or to the cloud with iCloud.

Here are the best iPad Pro keyboard cases to pick up with your new tablet

The iPad Pro range can double as laptops, but they do need proper keyboards to fill in effectively. Thankfully, there are loads to choose from and we rounded up the best iPad Pro keyboard cases right here.

Microsoft’s Clippy came back from the dead, but didn’t last very long

Before Cortana, Alexa, and Siri even existed, Microsoft Clippy dominated the screens of computers in the 1990s to help assist Microsoft Office users when writing letters. He recently made a bit of a comeback only to die off again.