Post Lastpass Password Management
Photo by Roth Melinda on Unsplash
Earlier this month LastPass revealed that they had been breached and then a few days later that that their customer’s encrypted password data was stolen. Following a couple of years of controversy including earlier breaches and price rises, this latest breach hasn’t been a particularly good look for them. I’ve been an LP user for a few years, but this latest breach has me concerned — particularly because their customer data vaults have been exposed.
Quick disclaimer: I’m not specifically a security expert but I’ve been the CTO at a small tech firm for the last 6 years and data breaches are one of the topics that keep me up at night and make me sweat at work on a regular basis. I probably spend an unhealthy amount of time thinking and worrying about this stuff
Making Good Use of Time Bought with LastPass’ Strong Encryption
Well, the good news is that LastPass uses pretty strong encryption to store customer password vaults so, in the best case for users, it might take hackers years or centuries to break in to your account depending on the strength of the password you chose. Wladimir Palant gives a bit more detail about the tactics that an attacker might use and how long this might take.