General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsIrony alert: Password-storing company is hacked
http://money.cnn.com/2015/06/15/technology/lastpass-password-hack/No one's safe from hackers -- not even LastPass, a company that stores people's passwords.
LastPass lets people store passwords online so they can access them all with a single master password.
You're storing all your eggs in one basket. That could be a problem.
On Monday, LastPass announced that hackers broke into its computer system and got access to user email addresses, password reminders, and encrypted versions of people's master passwords.
Snip
That's my contribution for today. Lots to do. I wish our weather pattern would change for Texas.
SusanCalvin
(6,592 posts)I have always been suspicious of the all-in-one-basket approach. Anything has the potential to be hacked; your best defense is limiting the damage.
hlthe2b
(102,361 posts)and keep digital copies on current and retired iphone and an ipod touch and my current and old laptop. To update, I sync only from my laptop using my protected home wifi.
SusanCalvin
(6,592 posts)I'm pretty good with passwords, but I can get tripped up when a site's requirements (must use a number/cannot use numbers, for example) force me to modify what I'd originally intended to use. And they *never* list those requirements on the sign-in page, where it might help me remember.
hlthe2b
(102,361 posts)It allows lots of features, including password generation, that I do use for really sensitive (banking) sites.
SusanCalvin
(6,592 posts)SusanCalvin
(6,592 posts)which you probably already thought of.
The same person who told me he used the password manager under discussion also gave me the advice to have a *really* good password for the email address that can reset your other passwords.
I'd add to that, "don't store it anywhere except in your head and/or a very secure location," which is what I do, but....
Now that I think of it, I'd also add to make that address something not obviously connected to your identifying information.
Man, I wish this OP had gotten more recs. I can't help thinking a lot of people are just an accident waiting to happen.
hlthe2b
(102,361 posts)MannyGoldstein
(34,589 posts)It's pretty unlikely that any will be broken before they're changed.
SusanCalvin
(6,592 posts)And you're probably right. I'll still take my individual passwords, though.
JaneyVee
(19,877 posts)SusanCalvin
(6,592 posts)Like what they say about deterrence, not total prevention, for burglary and car theft.
mythology
(9,527 posts)It's not nearly as bad as the CNN article makes it sound like.
In that case the hackers don't actually have access to the master passwords which are encrypted. In theory if the password was previously disclosed and thus the encrypted hash result is already known.
Hutzpa
(11,461 posts)Is Texas the new frontier?
SusanCalvin
(6,592 posts)That would be nice! Then we could throw the rascals out. ;->