Submitted by glawgii t3_ztx9k5 in technology
OppositeCode t1_j1g14xm wrote
Reply to comment by Useless_Advice_Guy in The Lastpass hack was worse than the company first reported by glawgii
From a privacy standpoint, you should change passwords (especially your master password). The hackers have the URLs for accounts of LastPass users (as it wasn't encrypted). So it is recommended to change passwords for "important accounts" (emails, financials, etc).
You can then slowly go through your other passwords and change them. Like the next time you visit the site. Also don't use LastPass any longer, if you want to keep using a cloud based password manager, I recommend Bitwarden for free users.
Flashbulb_RI t1_j1gparw wrote
I'm really angry that LastPass was not encrypting EVERYTHING in the user vaults including URLs because LastPass says on their website "Data stored in your vault is kept secret, even from LastPass." However from a practical point of view I wonder if the hackers can identify the email address/identity of the vault owner. Without that info the URLs are not useful.
Viewing a single comment thread. View all comments