LastPass has been very transparent about its recent data breach.
LastPass, an industry-leading password manager, announced that it had detected a breach in its developmental environment. They are assuring users of their product that no customer data was accessed due to the breach. Read the announcement here to learn more.
This one is pretty scary. If you use a password manager, and I highly recommend them, learning of a breach is frightening. A password manager stores login credentials for every login you use. I currently store over 400 different passwords in my password manager.
The Zero Knowledge Architecture used by LastPass is Key
A single master password protects a password manager account. Only the owner of the account knows the master password and LastPass does not store it anywhere on their systems. It is because of this design that users’ master passwords cannot be stolen from LastPass. This strategy, known as “Zero Knowledge Architecture,” says that if you never know it, you can’t lose it. This approach to account security likely is saving LastPass and its users from a massive hassle.
Password managers are usually cloud applications that make it easy to use secure, complex, and long passwords. They are growing in popularity because how many websites and applications require passwords for access. A password manager can generate a long, random string of characters making a strong password. The password and other login information are only accessible by using a master password. This makes it easy to have unique and secure passwords for every login you use.
What Action Should I Take If I Use LastPass?
At this point, LastPass is assuring its customers that their information is safe. However, it wouldn’t be a bad idea to change your master password. That is good practice anyway. Also check with your LastPass, or whatever password manager you use, periodically to learn of other data breaches. They happen frequently and do not get the media attention that they used to get.
If you learn that a website where you have an account suffered a breach, change the password. Any password manager makes this process simple. Did you know that Facebook has had four breaches since 2018? If you don’t keep up on your own password security, eventually it will catch up with you.
Learn more about password managers in a previous blog post.