[Lex Computer & Tech Group/LCTG] LastPass confirms users' password vaults were stolen by hackers

Stan Rose rosesta at gmail.com
Thu Dec 29 12:50:45 PST 2022 

I’ve been using Roboform across all my devices for many years and it’s worked fine for me. It is continually updated and I’ve never had any problems. I think that not having the largest market share has kept it from being a prime target for hackers.

 

Stan

 

From: LCTG <lctg-bounces+rosesta=gmail.com at lists.toku.us> On Behalf Of Peter Albin
Sent: Thursday, December 29, 2022 2:07 PM
To: lctg at lists.toku.us
Subject: Re: [Lex Computer & Tech Group/LCTG] LastPass confirms users' password vaults were stolen by hackers

 

George, et al.,

Below is a link to my presentation about password managers (13Mar2019). While it is a few years old, I believe much of the information is still relevant. Other materials related to the talk are also on the wiki for the same date.

I would be happy to do an encore presentation is there is a need.

https://wiki.toku.us/lib/exe/fetch.php?media=lctg:passwordmanagerlctg.pdf

Peter

On 12/29/2022 11:25 AM, George Gamota wrote:

Folks

I think we should have a more in-depth discussion on “passwords” at the next session or when time is open. 

George

 

From: LCTG  <mailto:lctg-bounces+ggamota=stma-llc.com at lists.toku.us> <lctg-bounces+ggamota=stma-llc.com at lists.toku.us> On Behalf Of Rich Moffitt
Sent: Thursday, December 29, 2022 8:16 AM
To: Drew King (dking65 at kingconsulting.us <mailto:dking65 at kingconsulting.us> )  <mailto:dking65 at kingconsulting.us> <dking65 at kingconsulting.us>; Lex Computer Group  <mailto:LCTG at lists.toku.us> <LCTG at lists.toku.us>
Subject: Re: [Lex Computer & Tech Group/LCTG] LastPass confirms users' password vaults were stolen by hackers

 

The fact that LastPass infrastructure has been breached multiple times and are such a big target are reasons I don't feel like using them anymore. The vaults themselves are still encrypted, and (provided a good master passphrase was used) aren't likely to be cracked in a timely fashion. I'm actually more concerned about the plaintext URLs and other personal data that were scooped up as part of the breach. Some of these could include access tokens or personally identifiable data that could assist an attacker in compromising accounts without the credentials themselves.

 

Fortunately, there are good alternatives out there: trusty old Keepass for DIYers, Bitwarden for people who like browser integration and either want to host their own or use a decent free tier service, and 1Password / Dashlane / etc. for people looking for other convenience features and are willing to pay for them.

 

-Rich

 

On Tue, Dec 27, 2022 at 4:51 PM Drew King (dking65 at kingconsulting.us <mailto:dking65 at kingconsulting.us> ) <dking65 at kingconsulting.us <mailto:dking65 at kingconsulting.us> > wrote:

All,

Some LastPass breach update information:

Android Central: LastPass confirms users' password vaults were stolen by hackers.
https://www.androidcentral.com/apps-software/lastpass-user-data-security-breach-incident

-- 
Drew King

===============================================
::The Lexington Computer and Technology Group Mailing List::
Reply goes to sender only; Reply All to send to list.
Send to the list: LCTG at lists.toku.us <mailto:LCTG at lists.toku.us>       Message archives: http://lists.toku.us/pipermail/lctg-toku.us/
To subscribe: email lctg-subscribe at toku.us <mailto:lctg-subscribe at toku.us>   To unsubscribe: email lctg-unsubscribe at toku.us <mailto:lctg-unsubscribe at toku.us> 
Future and Past meeting information: http://LCTG.toku.us
List information: http://lists.toku.us/listinfo.cgi/lctg-toku.us
This message was sent to rich at richmoffitt.org <mailto:rich at richmoffitt.org> .
Set your list options: http://lists.toku.us/options.cgi/lctg-toku.us/rich@richmoffitt.org





===============================================
::The Lexington Computer and Technology Group Mailing List::
Reply goes to sender only; Reply All to send to list.
Send to the list: LCTG at lists.toku.us <mailto:LCTG at lists.toku.us>       Message archives: http://lists.toku.us/pipermail/lctg-toku.us/
To subscribe: email lctg-subscribe at toku.us <mailto:lctg-subscribe at toku.us>   To unsubscribe: email lctg-unsubscribe at toku.us <mailto:lctg-unsubscribe at toku.us> 
Future and Past meeting information: http://LCTG.toku.us
List information: http://lists.toku.us/listinfo.cgi/lctg-toku.us
This message was sent to palbin24 at yahoo.com <mailto:palbin24 at yahoo.com> .
Set your list options: http://lists.toku.us/options.cgi/lctg-toku.us/palbin24@yahoo.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.toku.us/pipermail/lctg-toku.us/attachments/20221229/aede7b73/attachment.htm>

More information about the LCTG mailing list