LastPass Hacked

[Digital_Lord]

I know lots of you know about and use last pass, everytime the forum gets hacked more and more people from here begin to use it, well, im sorry but your account details have been hacked, email addresses, encrypted passwords and cleartext password reminder hints were all leaked,

http://cointelegraph.com/news/114652/lastpass-gets-hacked-time-for-passwordless-logins

[rokkyroad]

It was bound to happen. I'm sure no one here was stupid enough to use them or any other online password manager. 

[Envrin]

It was bound to happen. I'm sure no one here was stupid enough to use them or any other online password manager.  

What he said.  I think it's pretty common knowledge -- don't store your passwords online with a 3rd party.  That's a bad idea.

KeepassX works great.

[tzortz]

Online password manager?

Cool stuff.

 

[snarlpill]

I'll have to read the article, but that's exactly why I don't and wouldn't use that site, or any 3rd party password keepers. It was just bound to happen and there's too much to lose. Either by hackers, or the gov. possibly somehow, I don't know.

I use a different password for everything now and the only copies I keep are written on paper and safely stashed away.

[ticoti]

I have never used a password manager because of this reason,I would be screwed if manager password is hacked,and they show they can hack it...

[Argwai96]

Having a password manager is like getting married with a gold digger just for your money she's bound to cash out any time, the article does point to a good path which is passwordless logins.

[codenamethisNutz]

I've always had a shady feeling about lastpass, one entity with access to all of those passwords because lazy people simply volunteer them over due to convenience... Shame. 

[1FfmbHfnpaZjKFvyi1okTjJJu]

I know lots of you know about and use last pass, everytime the forum gets hacked more and more people from here begin to use it, well, im sorry but your account details have been hacked, email addresses, encrypted passwords and cleartext password reminder hints were all leaked,

http://cointelegraph.com/news/114652/lastpass-gets-hacked-time-for-passwordless-logins

“An attacker could try to guess your master password, then use your per-user-salt and authentication hash to determine if their guess was correct. […] If your master password is weak or if your password reminder makes it easy-to-guess, then the attacker could significantly reduce the number of attempts needed to guess it correctly.”

im not use lastpass im use excel on local storage but this is seriously problem i hope all user read this news and change his password

 i want to ask if you have lastpass acc and you delete all your data in lastpass are hacker can't aces your data ? (because your data has been removed) ?

[bitbaby]

It was bound to happen. I'm sure no one here was stupid enough to use them or any other online password manager.  

What he said.  I think it's pretty common knowledge -- don't store your passwords online with a 3rd party.  That's a bad idea.

KeepassX works great.

Yup, KeepassX works great, but I only use it for websites which are not too important for me, for other sites I prefer to write the password down in a notebook in a way that only I can decrypt the message, the only way to steal the password from that would be if there was a robbery and the thief stole the book, which is very unlikely because a thief would generally look for things more precious than a note-book and even then S/He would not be able to understand the message.

[thebenjamincode]

thanks for the news
i will never going to use a password manager again

[RustyNomad]

Never trusted LastPass.

Never trust anything online i.e. the cloud and never upload anything there unless I encrypted it myself.

If you want better password security just get KeePass. You have control over the encryption and the database is always under your own control.

[dsattler]

thanks for the news
i will never going to use a password manager again

An offline password manager with a decent encryption like keepass2 is a good thing, but don't give out your master password only because it's convenient for you.

[Kprawn]

I cannot believe that there are still people who would trust online password managers.  

Write it down on a piece of paper and laminate it. Keep it in a burnproof safe, if you are really paranoid. I used to use a standard password with different formats, and I remembered the standard password, but as you get older Alzimers Lite kicks in, and you start to forget the simple things.

Now I use different passwords for every site and I write it down / laminate it / store it in a safe place.  {Never store the site and the passwords together... Give the site a number and write this number and password together... then you write the site and the number on a seperate piece of paper, and store it in a different place.}

This way, nobody could get into your safe and figure out, what password is for what site. {The site is not on the list, only the number}

[NorrisK]

Surprising its only posted here now, as the hack already happened last week.. Guess most people here use KeePass to have it all in their own control?

[EternalWingsofGod]

The last password you will ever need as its the golden goose for all the accounts once hacked into and a persons Achilles Heel.
That said remembering a lot of unique sets of passwords is complicated so it does seem like an inevitable outcome, but like Bitcoin wallets best to keep passwords offline.

[ThEmporium]

I know lots of you know about and use last pass, everytime the forum gets hacked more and more people from here begin to use it, well, im sorry but your account details have been hacked, email addresses, encrypted passwords and cleartext password reminder hints were all leaked,

I do not know why people buy the software to store the important email addresses, key, and passwords. They could use Note pad to note everything and then zip it with 7zip and protect with the strong encrypted passwords. This way they will keep their secret things with themselves in their pocket, laptop or mobile phones.

[Amph]

another reason why i'll never trust any service like, that i'm in fact saving all my password on paper, no hacker ccan even dream of hacking that 

Surprising its only posted here now, as the hack already happened last week.. Guess most people here use KeePass to have it all in their own control?

they will hack that too one day, it is only a matter of time

they should build a decentralized lastpass with cold storage for password, pretty much like a bitcoin cold storage wallet

[Velkro]

Never store your passwords in other place than head, except not important password that you can store OFFLINE not online.

[pooya87]

i can never understand the need for services like lastpass.

it is not like i have 1000 different passwords that i need remembering. there is only a handful of important passwords that i can remember and write down on a piece of paper just in case i forgot.

besides, what i don't encrypt myself is not gonna be safe on the cloud anyways.