Posted by bartb
Jan 13, 2023 at 06:36 PM
Regarding LastPass: I highly recommend the following article - good overview and recommendations:
https://danielmiessler.com/blog/my-philosophy-and-recommendations-around-the-lastpass-breaches/
Heads-up LastPass users !!!
Posted by satis
Jan 13, 2023 at 10:41 PM
One major problem for longtime LastPass users involves server-derived iterations implemented in turning a master password into an encryption key. It’s currently 100,000 iterations, but the default for old accounts was only 5,000, which makes cracking those user vaults more plausible.
And since LastPass has user info, and didn’t bother to encrypt URLs in the user vaults(!!!), thieves no doubt have triaged which old account vaults to attempt to crack. According to one report I read, threat actors snagged the following info available from the breach:
- Customer Names
- Company Names
- Email Address
- Billing Address
- Telephone Numbers
- IP addresses from where customers accessed LastPass online
- Website URLs saved in LastPass vaults
- the encrypted vaults
And the only thing old users can do is change all their passwords as quickly as possible.
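An added example (not part of the post above and not LastPass code) showing what the 5,000 versus 100,000 iteration counts mean for per-guess cost, and how an administrator might flag accounts left on a low setting. It assumes PBKDF2-HMAC-SHA256 as the key-derivation function, which the post does not name; the account records, field names and the `audit` helper are constructed for illustration.

```python
import hashlib
import math
import time

LEGACY_ITERATIONS = 5_000      # old-account default cited in the post
CURRENT_ITERATIONS = 100_000   # current default cited in the post

def derive_key(master_password: str, salt: bytes, iterations: int) -> bytes:
    """Stretch a master password into a 32-byte key (assumed KDF: PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"), salt, iterations, dklen=32)

def seconds_per_guess(iterations: int, samples: int = 3) -> float:
    """Best-of-N wall time for a single derivation on this machine."""
    best = float("inf")
    for _ in range(samples):
        start = time.perf_counter()
        derive_key("constructed-sample-password", b"constructed-salt", iterations)
        best = min(best, time.perf_counter() - start)
    return best

def entropy_bits_gained(old_iterations: int, new_iterations: int) -> float:
    """Express the per-guess cost multiplier as equivalent bits of password entropy."""
    return math.log2(new_iterations / old_iterations)

def audit(accounts, minimum=CURRENT_ITERATIONS):
    """Return (user, iterations, cost_shortfall_factor) for accounts below the minimum."""
    flagged = [
        (a["user"], a["iterations"], minimum / a["iterations"])
        for a in accounts
        if a["iterations"] < minimum
    ]
    return sorted(flagged, key=lambda row: row[1])  # weakest setting first

# Constructed sample records; the field names are hypothetical.
SAMPLE_ACCOUNTS = [
    {"user": "alice@example.com", "iterations": 100_000},
    {"user": "bob@example.com", "iterations": 5_000},
    {"user": "carol@example.com", "iterations": 500},
]

if __name__ == "__main__":
    for user, iterations, factor in audit(SAMPLE_ACCOUNTS):
        print(f"{user}: {iterations} iterations, each guess {factor:.0f}x cheaper than at the minimum")
    slow, fast = seconds_per_guess(CURRENT_ITERATIONS), seconds_per_guess(LEGACY_ITERATIONS)
    print(f"measured cost ratio on this machine: {slow / fast:.1f}x")
    print(f"equivalent to {entropy_bits_gained(5_000, 100_000):.1f} extra bits of password entropy")
```

The 20x gap between the two settings is worth roughly 4.3 bits of password entropy, so a long, random master password still matters far more than the iteration count alone.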
Posted by Daly de Gagne
Jan 14, 2023 at 07:16 PM
Hi Dellu, I doubt very much it was Lothar. The last post of his to this group, according to a search, was in 2021.
It is, unfortunately, easy to take over a person’s email and to use it to post spam to groups that person may have belonged to.
Daly
Dellu wrote:
>Franz Grieser wrote:
>>Hola Lothar.
>>
>>Is that really you? And why do you post a dubious link to a topic that’s
>>not directly relevant for this forum?
>
>Exactly!
>It is the first time I have seen a respectable member of this community
>post spammy stuff here.
Posted by Amontillado
Jan 14, 2023 at 10:56 PM
I stand corrected on one point. I thought LastPass didn’t encrypt usernames.
I remain negatively enthusiastic about LastPass. It’s OK. I tend to be out of step.
Posted by Dellu
Jan 15, 2023 at 05:51 AM
I have been a user of LastPass for many years. I kept on using it, even after a number of reports of breaches, due to its convenience.
All the alternatives are either too expensive or too much of a hassle.
Bitwarden is the closest I found, and its auto-fill is inconsistent. It misses over half of the fill forms, especially on the Android platform.