The folks over at LastPass claim that last Friday, they noticed and blocked some suspicious activity taking place on its network. While the team has no evidence that encrypted users data was taken and that no user accounts were accessed, investigations have shown that account email addresses, password reminders, server per user salts, and authentication hashes have been compromised. Because of this, the company is taking some extra precautions to ensure all is right with everyone’s data, so they’re now requiring all users who are logging in from a new device or IP address to verify their account by email.
All users of the service are also urged to update their master password as soon as possible, especially those who have a weak password or reuse their master password on any other website. If you update your master password and still feel a little uneasy about the hack, you can always sign up for multifactor authentication for a bit of added protection.
Although security breaches and “suspicious activity” can be nerve-racking, password managers can prove very useful most of the time. It may not be the most secure way to store your long list of complicated passwords, but some would argue that the added convenience is worth the risk. Do you use a password manager? Why or why not? Be sure to let us know your thoughts in the comments below.