LastPass being ‘paranoid’ as it tries to clean up its password mess

passwordIs nothing sacred anymore? Universal password storage service LastPass announced via its blog that a hacking attempt earlier this week potentially accessed its database of sensitive user information – namely, passwords. Still investigating the situation, LastPass announced on Wednesday it will “be paranoid and assume the worst”.

The service assured that users’ who use “strong, non-dictionary based password or pass phrase” should be safe. “Unfortunately not everyone picks a master password that’s immune to brute forcing,” Last Pass said, and advised that all users’ change their master passwords and that the site would be verifying their identities. Unfortunately, that backfired as the site was rushed with traffic from users scrambling to change their passwords and is now implementing an incremental switch to keep things moving.

LastPass admits this “may be an overreaction…but we’d rather be paranoid and slightly inconvenience you than to be even more sorry [sic] later.” And in light of PlayStation’s recent data disaster and alleged mishandling of the situation, overcompensating for the possible intrusion is LastPass’ best bet. The suit lodged against PlayStation claims that the company did not inform its customers of the hack in a timely manner, costing many of them stolen credit cards. CEO Joe Siegrist told PC World he’s extremely doubtful that mass amounts of user data was stolen, but says LastPass will continue to be overly cautious. Siegrist admits it’s more than possible some information was accessed, though he believes only the usernames and passwords to log into LastPass were penetrated, and that passwords stored in LastPass were not.

Siegrist says LastPass is probably acting a little “alarmist,” but is trying to do right by its customers and keep them as up to date on the issue as possible (LastPass’ team has been very responsive via Twitter). He also says the site is rolling out improved encryption standards and making sure users are logging in via familiar IP addresses as an extra precaution. It’s not an enviable position to be in, but it sounds like PlayStation could have taken a play out of LastPass’ book on how to act fast and inform customers on this one.

There are a slew of password storage sites online – Passpack, KeePass, Agatra – and if you’re a user, it’s time to strengthen your password’s security. You might hear these tips (and possibly disregard them) all the time, but a subtle reminder never hurts:

  • Don’t limit yourself to common phrases. Use as much of the keyboard as possible.
  • Use as many characters – and numbers – as allowed.
  • Use both upper and lowercase characters.
  • If you can use symbols, do.
  • Many sites will notify you as to how strong your password is, but if you want an outside opinion, run it through Microsoft’s or HowSecureIsMyPassword’s verifiers.
  • Don’t use personal information. This can’t be stressed enough.
  • Dictionary words are easy to crack.
  • Repetition is bad, as are easy to identify patterns (sequential numbers, QWERTY, repeated letters).
Computing

It took Dell years to fix 1 problem on its best laptop. Here’s how it did it

The new Dell XPS 13 moves the webcam from the below the screen to the top, finally vanquishing the one obstacle facing thin, sleek laptop displays. We have the exclusive story on how it was done.
Mobile

2019's 10 best dating apps to help you find the perfect companion

Everyone knows online dating can be stressful, time-consuming, and downright awful. Check out our top picks for the best dating apps, so you can streamline the process and find the right date, whatever you're looking for.
Mobile

How to use iOS 12’s Passwords and Accounts tool to autofill passwords

Keeping track of all your passwords and accounts can be a real chore. If you use an iPhone with iOS 12, then you don't have to. Here's how to use iOS 12's own password manager to autofill passwords.
Gaming

Fortnite V-Bucks being used by criminals for money laundering on dark web

Criminals are using Fortnite's V-Bucks for money laundering schemes on the dark web. Epic Games, apparently, is not doing enough to prevent the game from being used for the illegal activity.
Computing

Data breach compromises 773 million records, 21 million passwords

A security researcher was alerted to a collection of breached data that included more than 773 million compromised records. After digging deeper, the breach was revealed to contain more than 21 million passwords.
Product Review

The Digital Storm Aventum X is an unstoppable gaming PC. Trust us, we tried

Packed with dual-Nvidia RTX 2080 Ti graphics card and a 9th-generation Intel Core i9 processor, the Aventum X is an infinitely upgradeable gaming PC that’s capable of far more performance than you’ll ever need.
Computing

‘Flexgate’ is the latest controversy plaguing some MacBook Pro owners

iFixit recently uncovered a new "Flexgate" issue with MacBook Pros after some consumers reported a "stage light" effect, where the backlighting on the device would fail and cause the bottom of the display to become slightly distorted.
Computing

Breeze through security with these checkpoint-friendly laptop bags

Getting through airport security is a drag, but your laptop bag shouldn’t be. Thankfully, these checkpoint-friendly laptop bags will get you and your gear to your destination with ease.
Computing

Ditch the backdrop from your photos with these handy tools

Need to know how to remove the background from an image? Here's how, whether you prefer to use a premium program like Photoshop or one of the many web-based alternatives currently in existence.
Computing

Think someone's leeching off your Wi-Fi connection? Here's how to find out

It's important to find out immediately if anyone is stealing your bandwidth. Here's how to tell if someone is stealing your Wi-Fi using a few simple tools, along with some suggestions on improving security.
Computing

Open RAR files with the greatest of ease using these awesome applications

Few things are more bothersome than not being able to open a file when you need it most. Check out our quick guide about how to open RAR files in Windows and MacOS. We will walk you through the process, step by step.
Web

Google Chrome’s latest decision could prevent most ad-blockers from functioning

Google Chrome's newest change is cited as a step forward for speed and security, but could profoundly alter how the majority of ad-blocking extensions operate. The move potentially gives Google more control over which ads can be blocked.
Computing

Samsung permits peek at an eye-popping, 15-inch 4K OLED laptop display

Samsung is now preparing for the new OLED laptop trend and is providing a look at an eye-popping 15.6-inch 4K OLED panel that is expected to power larger premium laptops in the new year.
Music

Here's our head-to-head comparison of Pandora and Spotify

Which music streaming platform is best for you? We pit Spotify versus Pandora, two mighty streaming services with on-demand music and massive catalogs, comparing every facet of the two services to help you decide which is best.