The Broadband Guide
SG
search advanced

LastPass discloses another security breach

2022-12-01 17:35 by
Tags: ,

 

Password manager LastPass has had another security breach, stemming directly from one that occurred in August, the company said Wednesday.

Any security breach on a password manager is going to raise concerns over stolen passwords, obviously, but LastPass emphasizes that these remain safe thanks to its Zero Knowledge architecture, which ensures only the user knows the master password and encryption occurs only on the device level. As such, LastPass is not recommending that users change their passwords.

"An unauthorized party, using information obtained in the August 2022 incident, was able to gain access to certain elements of our customers' information," LastPass CEO Karim Toubba wrote in a blog post. "Our customers' passwords remain safely encrypted due to LastPass's Zero Knowledge architecture."

Despite being massively popular, this marks another occasion where LastPass' security practices have come under question. In 2019, the company patched a security flaw that could have allowed hackers to scrape login details from the last site users visited. There was also a browser extension vulnerability in 2017.

In December, LastPass users reported that people were attempting to log in to their accounts from unknown locations using their correct master passwords. The company claimed these were likely the result of customers reusing passwords across multiple sites.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About