Submitted by Doener23 t3_zwjrs2 in technology
dubiousadvocate t1_j1vrg1s wrote
Reply to comment by jeffreyd00 in What’s in a PR statement: LastPass breach explained by Doener23
I’ll check into it, thx! It took me almost a decade to convince nearly all my extended family to use a vault service and at the time LastPass was one of the better ones. I spent much of the Xmas weekend apologizing and asking folks to change their MP. Embarrassing…
wpalant t1_j1vwns9 wrote
Disclaimer: I’m the author of the article linked by the OP.
I’m sorry to be telling you this but it’s too late for changing the master password now. It’s the master password in use when the data leaked that matters.
On the bright side: it isn’t very likely that the passwords of a regular “nobody” will be decrypted. I’ve outlined the considerations here: https://palant.info/2022/12/23/lastpass-has-been-breached-what-now/
However, if you want to mitigate the risk, there is no way other than changing passwords now. Especially passwords of high-value websites (banking accounts, shopping sites etc.).
dubiousadvocate t1_j1w0amd wrote
Fantastic, thank you for the background and recommendations.
jeffreyd00 t1_j1vv1d4 wrote
I dunno why you felt the need to apologize. You didn't hack it, you didn't sell the company off to someone else that let it stagnant and fester into a liability for all of it's users.
Viewing a single comment thread. View all comments