Best daily deals
Best daily deals

Links on Android Authority may earn us a commission. Learn more.

Some LastPass users receive security email scare, but no breach detected

LastPass says there's nothing to worry about, but it's monitoring the situation.
By
December 29, 2021
LastPass alternatives Free vs Premium photograph
Joe Hindy / Android Authority
TL;DR
  • Several LastPass users received security alert emails this week alerting them to failed login attempts.
  • According to LastPass, no accounts have been compromised.
  • The company continues to investigate and monitor the situation.

Password managers are a must for keeping crucial login information to multiple portals safe and accessible. But they can occasionally be the source of more than a few headaches. This week, several LastPass users received security emails alerting them to blocked login attempts using their master passwords.

According to users on Hacker News (via Apple Insider), unauthorized third parties attempted to access their accounts from various areas of the globe. Users on LastPass’s subreddit have also noted recently blocked attempts to access their accounts.

In a statement from LastPass to Apple Insider, the company believes the login attempts resulted from “credential stuffing,” a technique that uses details garnered from previously breached services to break into others. This is a particularly nasty problem if you use similar emails and passwords across multiple services.

A follow-up statement posted to Twitter suggests that some security alerts were “likely triggered in error.” Nevertheless, LastPass believes that no accounts were compromised and that it’s continuing to investigate and monitor the situation.

See also: LastPass free vs premium — Is it worth the upgrade?

Bolster your LastPass security

Even if your account hasn’t been affected, it’s a good time to revisit your security measures. Password managers are excellent for keeping tabs on many credentials for your services, but it’s important to practice good security hygiene.

For starters, be sure to change your master password to something unique. This will at least mitigate any potential credential stuffing threat in the future. Be sure to disable the ability to revert master password changes, too, by heading to Account Settings > Advanced > Allow master password changes to be reverted.

Finally, switch on two-factor authentication to give your account another security layer. To enable two-factor authentication on LastPass, head to Account Settings > Multifactor Options > tap the Edit icon, and follow the prompts.