Bitcoin Forum
May 08, 2024, 03:46:41 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Other > Off-topic >  [BETANEWS]LastPass has serious flaw called 'LostPass' -- your passwords and mor
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: [BETANEWS]LastPass has serious flaw called 'LostPass' -- your passwords and mor  (Read 348 times)
HITTI2 (OP)
Hero Member
*****
Offline Offline

Activity: 563
Merit: 500



View Profile
January 17, 2016, 10:31:29 PM
 #1
Quote
"I have discovered a phishing attack against LastPass that allows an attacker to steal a LastPass user's email, password, and even two-factor auth code, giving full access to all passwords and documents stored in LastPass. I call this attack LostPass. The code is available via Github. LostPass works because LastPass displays messages in the browser that attackers can fake. Users can't tell the difference between a fake LostPass message and the real thing because there is no difference. It's pixel-for-pixel the same notification and login screen", says Sean Cassidy, CTO, Praesidio.


Source

I finally dumped last pass, I am now copying and pasting my passwords. Even if that helps. What other alternatives do we have not as in password managers but as to login?
Win7x64 Pro, Acer XB240H, Corsair Obsidian 750D Black,DEMCifilter Corsair Obsidian 750D Dust Filter Kit,Delidded i7-3770K OC'd@4.5GHz, F3-12800CL8D-8GBXM, MSI GeForce GTX 960 2GD5, ASUS Xonar D1, Vantec UGT-ST644R, ASRock Z75 Pro3, EVGA SuperNOVA 750 G2 PSU, EK-KIT L240, 2 x NF-A14-FLX Fans, 2 x Samsung 840 Pro 128GB RAID 0 32KB strip, WD Re WD1003FBYZ 1TB,2TB HGST/Hitachi (HUA723020ALA641),2 x HGST A7K3000 HUA723030ALA640 3 TB, Vertex II 60GB,Samsung SH-S223L.
Unlike traditional banking where clients have only a few account numbers, with Bitcoin people can create an unlimited number of accounts (addresses). This can be used to easily track payments, and it improves anonymity.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1715183201
Hero Member
*
Offline Offline

Posts: 1715183201

View Profile Personal Message (Offline)

Ignore
1715183201
1715183201
Reply with quote  #2
1715183201
Report to moderator
Spoetnik
Legendary
*
Offline Offline

Activity: 1540
Merit: 1011


FUD Philanthropist™


View Profile
January 18, 2016, 12:32:38 AM
 #2
I use Password Depot on Windows.. they might have a Linux version oi forget.
I also have tried out the Android one which is free an it works ok.
Hopefully my program is not in the news next hahah

also i chose it over Kaspersky because of Browser plugin updates are better.
And you can often just change the Plugin version number and it still works for new builds.

Anyway it has great features for windows.. i been using it for years since v6.xx

and.. if you want pirated versions can be found online too.
FUD first & ask questions later™
Boelens
Hero Member
*****
Offline Offline

Activity: 672
Merit: 500



View Profile
January 18, 2016, 04:16:11 AM
 #3
Quote from: HITTI2 on January 17, 2016, 10:31:29 PM

I finally dumped last pass, I am now copying and pasting my passwords. Even if that helps. What other alternatives do we have not as in password managers but as to login?

Hopefuly you're not dumping it all into a notepad document lol, email it to yourself that way there's a password protecting it.
HITTI2 (OP)
Hero Member
*****
Offline Offline

Activity: 563
Merit: 500



View Profile
January 18, 2016, 05:44:00 AM
 #4
Quote from: Boelens on January 18, 2016, 04:16:11 AM
Quote from: HITTI2 on January 17, 2016, 10:31:29 PM

I finally dumped last pass, I am now copying and pasting my passwords. Even if that helps. What other alternatives do we have not as in password managers but as to login?

Hopefuly you're not dumping it all into a notepad document lol, email it to yourself that way there's a password protecting it.
What happened to me is that I use multiple devices and lastpass was good at synchronizing between devices etc. I paid for a 2 year subscription too! To have lastpass on my android devices.

Now what I am doing is using dropbox for my password data base and the key file on my computer & Android  then + my password.

Using all apps:
Dropbox
Keepass2
keefox
keepass2android

Exported my lastpass>import through keepass as Lastpass.csv file creating my new keepass database.
Win7x64 Pro, Acer XB240H, Corsair Obsidian 750D Black,DEMCifilter Corsair Obsidian 750D Dust Filter Kit,Delidded i7-3770K OC'd@4.5GHz, F3-12800CL8D-8GBXM, MSI GeForce GTX 960 2GD5, ASUS Xonar D1, Vantec UGT-ST644R, ASRock Z75 Pro3, EVGA SuperNOVA 750 G2 PSU, EK-KIT L240, 2 x NF-A14-FLX Fans, 2 x Samsung 840 Pro 128GB RAID 0 32KB strip, WD Re WD1003FBYZ 1TB,2TB HGST/Hitachi (HUA723020ALA641),2 x HGST A7K3000 HUA723030ALA640 3 TB, Vertex II 60GB,Samsung SH-S223L.
Pages: [1]
  Print  
Bitcoin Forum > Other > Off-topic >  [BETANEWS]LastPass has serious flaw called 'LostPass' -- your passwords and mor
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!