LastPass might be headlining but it is not completely alone. But the idea that an encrypted vault is now in the hands of hackers is unsettling, which is why this event will become a reference point – password manager vaults are vulnerable and what happened in this instance is the QED.
The stolen password vaults remain secure thanks to the master password, known only to the account holder. If you’re a LastPass customer, and even if you’re not, this would be a shock, as it was the first time anyone had managed to compromise a company in this sector on any scale after years of speculative warnings by researchers. To repeat, the attackers had stolen the encrypted password vault. The gist is that during an August involving the compromise of employee credentials, a large volume of data was stolen, including company names, email addresses, IP addresses, an encrypted copy of customer password vaults, and unencrypted URLs associated with sites in the vault. You can read the full disclosure timeline stretching back to last August on the company’s site. In December, LastPass published a security advisory that at least some customers of the booming online password management sector must have feared might one day come to pass. Back to Opinion The LastPass Breach: Are Online Password Managers Still Safe? Should businesses trust online password managers? The problem is that customers can’t easily judge the security of these platforms from the outside.
0 kommentar(er)
