Skip to main content
  1. Home
  2. Computing
  3. News

LastPass suspects a breach, meaning it’s time for a password change

By

lock, computing, security
Pixabay
LastPass, the password management service, posted an update on June 15 to its blog noting that there had been “suspicious activity” on its website. The company stated, however, that its encryption measures have kept all of its users’ data safe.

“LastPass strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side,” wrote LastPass CEO and Founder Joe Siergrist. “This additional strengthening makes it difficult to attack the stolen hashes with any significant speed.”

Recommended Videos

As a result of the suspected breach, LastPass says it’s requiring all of its users who are logging in from a new device or IP address to verify their email, unless a multifactor authentication is enabled. LastPass is also asking everyone to update their master password, which could be a downer if you already committed your old one to memory.

Related

And to make sure everyone is up to speed, LastPass is emailing all of its customers about the breach. Now, it appears that the website is handling a large wave of customers attempting to keep their data secure, according to TechSpot.

As of late Monday afternoon, a server overload message has been popping up when you attempt to change your master password. This doesn’t mean you should give up on taking LastPass’ advice, however, especially if it turns out the breach is worse than expected.

“We apologize for the extra steps of verifying your account and updating your master password, but ultimately believe this will provide you better protection,” Siergrist continued.

LastPass, which is headquartered in Virginia, does business in 71 countries around the world. In addition to encrypting passwords, LastPass encrypts and decrypts information locally before syncing it. This allows you to keep your sensitive data on your device.

“Security and privacy are our top concerns here at LastPass,” said Siergrist, reassuring customers following the breach.

Editors' Recommendations

Topics
Krystle Vermes
Krystle Vermes
Former Digital Trends Contributor
Krystle Vermes is a professional writer, blogger and podcaster with a background in both online and print journalism. Her…
Using LastPass? You need to switch urgently, says security firm
A dark mystery hand typing on a laptop computer at night.

It’s a good idea to use one of the best password managers to keep your logins safe, but now a security company is warning that one of the most popular password managers in the world is not safe to use.

The extraordinary claim comes from Intego, a firm that specializes in Mac security. Intego made its assertion based on a series of security breaches LastPass has suffered in recent months, the way LastPass has responded to those incidents, and the underlying technology LastPass uses to protect customer accounts.

Read more
Hackers just stole LastPass data, but your passwords are safe
A physical lock placed on a keyboard to represent a locked keyboard.

The developers behind password management software LastPass have just shared some concerning news: Bad actors were recently able to access “elements of our customers’ information” in a recent security breach.

It’s the second time in just a couple of months that LastPass has suffered a security incident, and it appears the two events are directly linked. That’s because LastPass’s developers say that the unauthorized party was able to access customer data “using information obtained in the August 2022 incident.”

Read more
Here’s how much faster Nvidia’s RTX 4090 is at cracking passwords
Nvidia GeForce RTX 4090 GPU.

You really shouldn’t be trying to manage your own passwords when high-performance graphics cards featuring GPUs as powerful as Nvidia’s GeForce RTX 4090 could be in use by hackers. The password-cracking speed of Nvidia’s best GPU has been highlighted before but the latest revelation points out the performance compared to other graphics cards.
Security analyst and researcher Sam Croley goes by Chick3nman on Twitter where he shares information related to password security. The latest tests show the RTX 4090’s Hashcat performance is roughly eight times greater than eight GTX 1080s. Compared to Nvidia’s best GPU from the previous generation, the RTX 4090 is nearly twice as fast as the RTX 3090. The tweet was the first spotted by Tom’s Hardware.

Replying to a question in the same Twitter thread, Croley said Nvidia’s GeForce RTX 4090 GPU is more than three times faster than an AMD Radeon RX 6900 when using the hash speed benchmark Hashcat. Croley noted that the relative performance of AMD’s Radeon RX 7000 series is still unknown.

Read more