Lastpass Hacking - 30th November

This is a pretty big deal.

For those that don’t know lastpass is a password manager, a password manager is designed to store all of your passwords and then you can access all the passwords with one master password, normally this is a very secure method and I use a password manger (1password) to store my 250 passwords and details.

However on the 2022-11-30T00:00:00Z the LastPass CEO confirmed that an “unaothrized” party had gained access to “certain elements of our customers information” within a third-party cloud storage service.

Now this is one of the most concerning things you can hear someone say, many people have things from their addresses, to their credit cards and to all their passwords inside of their vaults.

Last August there was another concern with security that made it possible for this event. It’s not exactly clear on what info has been spread but we’ve been told that lastpass doesn’t have as many security borders as preferred.

Normally when you store data this secure you expect it to be encrypted in multiple layers, according to sources LastPass is only encrypted in one layer. The passwords remain to be encrypted but in the future these types of encryptions may be able to be decrypted.

LastPass has already had 2 security breaches & that is not safe at all.

It’s hard to say what’s happened but I suppose we’ll find out over time. But that brings up the question:

Are passwords going to become a thing of the past?

Passwords are becoming easier & easier to brute, a security analyst found that around 4 4090s can crack a secure 8 character password in around 45 minutes.

Now imagine what it will be like in the future with the power of things like quantum computers. It’s going to be easy to crack these types of passwords.

I believe that passwords will eventually become a thing of the past and we may change over to other options such as biometrics or other forms of logins.

What do you think of this breach and what do you think of the change to passwords?


This is not good, I’m not sure why Lastpass even has has customers anymore.

This is a bad problem. I use Lastpass. :grimacing:

Oh, that’s not good. So it wasn’t just the last pass passwords leaked? It was for other sites? :grimacing:

Yeah, LastPass holds the passwords of users for like hundreds of sites.

I personally don’t use a password manager. While I’ve thought about switching to LastPass for some time I’m glad I didn’t. I agree that passwords are slowly becoming a thing of the past but I don’t think they’ll ever change. Millions upon Millions of websites use passwords so even if some of the biggest sites change there’ll always be somewhere for you to enter a password.

Well the passwords weren’t leaked in that sense, let’s say LastPass encrypted the data in 256-bit encryption that uses a 256-bit key to encrypt & decrypt files.

To our knowledge at the moment the hacker has the data that’s encrypted, so to decrypt it they’ll need to try 1.1x1011 (11,110,000,000,000) random combinations which is virtually impossible at the moment, the fear is that in the future quantum computing will be able to crack these types of encryptions and if the rate of quantum computing is fast it means the data of these people could be at risk.

What happens if quantum computing or other methods become widely available that would allow anybody to crack a simple password almost immediately or to quickly decrypt large amounts of data.

I used to use lastpass, then I upgraded to 1password.

I know this is a bit off-topic but, if I were to use a password manager like this, which one should I use?

I personally use 1password, but I think that their might be other alternatives out there.

Also you could try hosting your own.

You just have to be more cautious.