Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
A Breach at LastPass Has Password Lessons for Us All
The hacking of the password manager should make us reassess whether to trust companies to store our sensitive data in the cloud.While many of us were unplugging from the internet to spend time with loved ones over the holidays, LastPass, the maker of a popular security program for managing digital passwords, delivered the most unwanted gift. It published details about a recent security breach in which cybercriminals had obtained copies of customers password vaults, potentially exposing millions of peoples online information.
From a hackers perspective, this is the equivalent of hitting the jackpot.
When you use a password manager like LastPass or 1Password, it stores a list containing all of the user names and passwords for the sites and apps you use, including banking, health care, email and social networking accounts. It keeps track of that list, called the vault, in its online cloud so you have easy access to your passwords from any device. LastPass said hackers had stolen copies of the list of user names and passwords of every customer from the companys servers.
This breach was one of the worst things that could happen to a security product designed to take care of your passwords. But other than the obvious next step to change all of your passwords if you used LastPass there are important lessons that we can learn from this debacle, including that security products are not foolproof, especially when they store our sensitive data in the cloud.
https://tinyurl.com/y2rr4y7e
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
9 replies, 1913 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (7)
ReplyReply to this post
9 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
A Breach at LastPass Has Password Lessons for Us All (Original Post)
Zorro
Jan 2023
OP
cilla4progress
(24,782 posts)1. Glad I opted not to use it!
AllyCat
(16,235 posts)2. I always thought this was possible with password managers
And decided not to use them.
PoindexterOglethorpe
(25,908 posts)3. What people don't realize about the cloud is that it
is someone else's hard drive, just not yours.
ThoughtCriminal
(14,049 posts)4. One more bit of security advise
I avoid clicking on tinyurl.com links.
Zorro
(15,749 posts)5. So insert preview. between the backslashes and tinyurl
to see the where the link directs.
But I bet you already knew that.
masmdu
(2,536 posts)6. Sorry, could you provide more details...this doesn't do anything when I try.
Thanks
Copy the tinyurl to the browser window, then edit it to insert "preview." like this before hitting the enter key:
https://preview.tinyurl.com/y2rr4y7e
You will then see where tinyurl redirects you to confirm the link source.
I use tinyurl when the link is ridiculously long, as all the shared NYT links are.
masmdu
(2,536 posts)8. Thank you very much! I learned something today :)
Skittles
(153,212 posts)9. the cloud is just someone else's computer
nope, do not trust