[Lex Computer & Tech Group/LCTG] LastPass confirms users' password vaults were stolen by hackers

Peter Albin palbin24 at yahoo.com
Thu Dec 29 11:06:53 PST 2022 

George, et al.,

Below is a link to my presentation about password managers (13Mar2019). 
While it is a few years old, I believe much of the information is still 
relevant. Other materials related to the talk are also on the wiki for 
the same date.

I would be happy to do an encore presentation is there is a need.

https://wiki.toku.us/lib/exe/fetch.php?media=lctg:passwordmanagerlctg.pdf

Peter

On 12/29/2022 11:25 AM, George Gamota wrote:
>
> Folks
>
> I think we should have a more in-depth discussion on “passwords” at 
> the next session or when time is open.
>
> George
>
> *From:* LCTG <lctg-bounces+ggamota=stma-llc.com at lists.toku.us> *On 
> Behalf Of *Rich Moffitt
> *Sent:* Thursday, December 29, 2022 8:16 AM
> *To:* Drew King (dking65 at kingconsulting.us) 
> <dking65 at kingconsulting.us>; Lex Computer Group <LCTG at lists.toku.us>
> *Subject:* Re: [Lex Computer & Tech Group/LCTG] LastPass confirms 
> users' password vaults were stolen by hackers
>
> The fact that LastPass infrastructure has been breached multiple times 
> and are such a big target are reasons I don't feel like using them 
> anymore. The vaults themselves are still encrypted, and (provided a 
> good master passphrase was used) aren't likely to be cracked in a 
> timely fashion. I'm actually more concerned about the plaintext URLs 
> and other personal data that were scooped up as part of the breach. 
> Some of these could include access tokens or personally identifiable 
> data that could assist an attacker in compromising accounts without 
> the credentials themselves.
>
> Fortunately, there are good alternatives out there: trusty old Keepass 
> for DIYers, Bitwarden for people who like browser integration and 
> either want to host their own or use a decent free tier service, and 
> 1Password / Dashlane / etc. for people looking for other convenience 
> features and are willing to pay for them.
>
> -Rich
>
> On Tue, Dec 27, 2022 at 4:51 PM Drew King (dking65 at kingconsulting.us) 
> <dking65 at kingconsulting.us> wrote:
>
>     All,
>
>     Some LastPass breach update information:
>
>     Android Central: LastPass confirms users' password vaults were
>     stolen by hackers.
>     https://www.androidcentral.com/apps-software/lastpass-user-data-security-breach-incident
>
>     -- 
>     Drew King
>
>     ===============================================
>     ::The Lexington Computer and Technology Group Mailing List::
>     Reply goes to sender only; Reply All to send to list.
>     Send to the list: LCTG at lists.toku.us   Message archives:
>     http://lists.toku.us/pipermail/lctg-toku.us/
>     To subscribe: email lctg-subscribe at toku.us To unsubscribe: email
>     lctg-unsubscribe at toku.us
>     Future and Past meeting information: http://LCTG.toku.us
>     <http://LCTG.toku.us>
>     List information: http://lists.toku.us/listinfo.cgi/lctg-toku.us
>     This message was sent to rich at richmoffitt.org.
>     Set your list options:
>     http://lists.toku.us/options.cgi/lctg-toku.us/rich@richmoffitt.org
>
>
> ===============================================
> ::The Lexington Computer and Technology Group Mailing List::
> Reply goes to sender only; Reply All to send to list.
> Send to the list:LCTG at lists.toku.us       Message archives:http://lists.toku.us/pipermail/lctg-toku.us/
> To subscribe: emaillctg-subscribe at toku.us   To unsubscribe: emaillctg-unsubscribe at toku.us
> Future and Past meeting information:http://LCTG.toku.us
> List information:http://lists.toku.us/listinfo.cgi/lctg-toku.us
> This message was sent topalbin24 at yahoo.com.
> Set your list options:http://lists.toku.us/options.cgi/lctg-toku.us/palbin24@yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.toku.us/pipermail/lctg-toku.us/attachments/20221229/f6b66bd1/attachment.htm>

More information about the LCTG mailing list