“The LastPass account password ‘best practices,’ advice linked to in their announcement says nothing about using a password generator, so it would be incorrect to assume that users are generating their LastPass passwords using a strong password generator.” Unless your password was created by a good password generator, it is crackable.
“Seemingly clever schemes to create passwords with a mix of letters, digits, and symbols do more harm than good. As I have been saying for more than a decade, humans just can’t create high-entropy passwords. “Passwords created by humans come nowhere near meeting that requirement. “That ‘millions of years’ claim appears to rely on the assumption that the LastPass user’s 12-character password was generated through a completely random process,” 1Password Principle Security Architect Jeffrey Goldberg said in the blog post. 1Password countered that it would likely take much less time. LastPass competitor 1Password challenged that claim in a recent blog post. LastPass said that as long as customers were following the company’s best practices for generating a strong master password, it would take hackers millions of years to guess your master password. However, LastPass attempted to ease users’ fears by stating that their master password secured their information. In the press release, LastPass said that users’ password vaults were stolen and personal information like website usernames, passwords, secure notes, and form-filled data was exposed. Popular password manager LastPass confirmed last week that it was the victim of a data breach.
0 kommentar(er)
