Opinion: Paper, the least terrible password management tool - CSMonitor.com
"Password management company LastPass admitted last week that it discovered 'suspicious traffic' on its network. Though encrypted user data was left untouched, ‘account e-mail addresses, password reminders, server per user salts, and authentication hashes were compromised,’ meaning that some accounts could be vulnerable."
Although LastPass has had, and maybe still has, a pretty good reputation, its disadvantage, both in terms of security and ongoing cost, was always requiring the use of its own (LastPass’s own) server for synchronization between devices. Still, there is a lot of “some” “could be” in the story above. Given the security procedures LastPass enables (a different strong password for every site, timely reminders to replace old passwords with new, and so forth) the risk deriving from a hack like this is probably worth taking.
Also there are other password managers available. Full disclosure: I use one of them myself.
No comments:
Post a Comment