Peaches Posted May 6, 2011 Report Share Posted May 6, 2011 5 May 2011, 14:00Potential intrusion suspected in LastPass password service "Network traffic anomalies" to and from the databases of the LastPass password management service have caused the company to suspect that intruders could have harvested personal information – including some customers' master passwords. LastPass is an online password manager that can automatically fill in the log-in forms of web pages by using a browser plug-in. LastPass said that it doesn't have any concrete evidence of a break-in – but that "where there's smoke, there could have been fire". The company is, therefore, forcing all its customers to change their master passwords. LastPass said that, although it assumes that the salted password hashes will withstand a brute-force attack, very weak passwords could be cracked using a dictionary attack, and that it wants to be on the safe side. http://www.h-online.com/security/news/item/Potential-intrusion-suspected-in-LastPass-password-service-1238148.html And story here: http://www.darkreading.com/database-security/167901020/security/attacks-breaches/229402897/password-manager-service-lastpass-investigating-possible-database-breach.html Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.