LastPass Reporting a Security Breach, Including Authentication Hashes and Salts

hawkeyeMI writes: LastPass, the popular password manager, has been hacked. The company says that the “vast majority” of users are safe, and has posted a notice which begins: "We want to notify our community that on Friday, our team discovered and blocked suspicious activity on our network. In our investigation, we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed. The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised."

KeePassX

[smutt]

I'd like to take this time to recommend an excellent open source project called KeePassX.

https://www.keepassx.org/ [keepassx.org]

It's a password vault application. Remember local applications, they run on your computer, that you physically have to be at to use(usually).

Re:

[ericloewe]

Why not the real Keepass?

Re:KeePassX

[kosmosik]

> https://www.keepassx.org/ [keepassx.org] [keepassx.org]

> It's a password vault application. Remember local applications,
> they run on your computer, that you physically have to be at to use(usually).

Usually Keepass and alike are used to store passwords for network services. So the computer storing your passwords in KeepassX is still networked and susceptible to attacks. Also people tend to use multiple machines (sometime even not own) so in order to use KeepassX you still need to transfer its data file somehow. You could keep this file on a pendrive probably with portable version of the app.

So KeepassX in my opinion is less convinient to use than Lastpass - with the latter I just login to service (using two factor authentication) and access my passwords. But mind you I use Keepass only for not-so-sensitive accounts like 100+ eshops, forums and crap like thant (not financial, medical, otherwise sensitive, essential internet authentication account hubs like Google or Facebook).

So for me in order to use Keepass would be to carry a medium with data file (which can be lost, stolen, copied) or to share the data file via some kind of authenticated network service like SFTP, HTTPS, Dropbox etc.

I know the Keepass/local pass file way would be probably slightly more secure but Lastpass method is just more convinient.

Oh and if I were to use password manager I would not go Keepass way - what for? Passwords are just some lines in text file. I would just use encrypted text file, shell utilities like grep and have access to it via SSH with two way authentication (I love Google Authenticator with PAM module for my private use).

My point being that if used correctly (only for not sensitive accounts, two form authentication enabled) a trusted service like Lastpass (I find them very concerned about security - they are targeted all the time) is quite secure and more convinient that Keepass.

Also I would love to have some offline device for my sensitive stuff like financial, medical and so on - I lone for something in form of small ipod-like MP3 player that can be fed with data and when prompted for authentication I could choose my credentials from it and display it would generate QR code with token that could be scanned via webcam to authenticate. Of coure it would be suspectible to MITM attacks and physical loss but in my opinion it would be the most secure way for using password store without sharing it via network.

Re:

[dissy]

Also people tend to use multiple machines (sometime even not own) so in order to use KeepassX you still need to transfer its data file somehow. You could keep this file on a pendrive probably with portable version of the app.

and

Also I would love to have some offline device for my sensitive stuff like financial, medical and so on - I lone for something in form of small ipod-like MP3 player that can be fed with data and when prompted for authentication I could choose my credentials from it and display it would generate QR code with token that could be scanned via webcam to authenticate.

The other day I went to portableapps.com to rebuild a new toolstick when I remembered they sell pre-loaded flash drives also. Seeing as part of that purchase would support portable apps I figured I would check out the prices in their shop.

It was then I saw they have a new (to me) encrypted flash drive that looks and reads to be pretty impressive.

Flash drive #2, the Carbide:
http://portableapps.com/shop/h... [portableapps.com]

Or if you just want the drive from the source without the portable apps involvement:
http://worldsbe [worldsbestflashdrive.com]

Re:

[AmiMoJo]

There are plug-ins for Keepass that allow you to sync your database file with a cloud service. I use Google because they support 2FA, and even if the file was somehow stolen it's encrypted.

Keepass has one major advantage over Lastpass's encryption, which is that you can use a keyfile as well as a password. I keep the keyfile locally on my machines and my phone, and it's innocuous so even if one of them was hacked it's doubtful anyone would bother stealing it. Even if they did, how would they know which of t

Re:

[nitehawk214]

Everything is a security/convenience consideration.

KeePass is more secure than LastPass, if you are careful with how you store your database.
Having your passwords as similar but reasonably strong password is more convenient, but less secure.
Setting your password to 12345, is even more convenient but... idiots and luggage...

Re:

[irrational_design]

I tried it, but it was such a pain to get working on OSX and iOS that I think I eventually gave up. It seems like a great solution if you are Windows centric.

Re:

[CanadianMacFan]

I've been very happy with STRIP from Zetetic. I have nothing to do with them except being a happy customer from back in the Palm days. The only thing I don't like is that they charge for their iPhone and iPad versions so I just run the iPhone version on my iPad and it works fine.

Re:

[viperidaenz]

It that because it's a password vault, not just a simple password safe?

Re:

[rtb61]

I would recommend that people install network alarms. All networks will have a particular set of data transmission patterns, that are accept and normal. The very first time a data packet contains a binary signature of an undesirable pattern (instruction, unexpected data transmission), that connection should be blocked at the router, a signal sent to a monitoring station and the connection either allowed to continue or blocked. There are quite simply some data packets, with their embedded binary signatures

Hash and Salt

[psyclone]

We are confident that our encryption measures are sufficient to protect the vast majority of users. LastPass strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side. This additional strengthening makes it difficult to attack the stolen hashes with any significant speed.

Salting is nice, but when the attacker gets both the hash and the salt, they can attack specific users. Still, the 100k rounds of SHA256 seem decent.

Would bcrypt [wikipedia.org] be any better than PBKDF2 [wikipedia.org] here?

Re:

[dwywit]

But do they use ROT-13 as well?

Re:

[viperidaenz]

100,000 rounds of ROT-13!

Re:

[kirkb]

Noob. Everybody knows that you need an odd number of ROT-13's to be truly secure.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Hash and Salt

[blueg3]

Salting is nice, but when the attacker gets both the hash and the salt, they can attack specific users.

Of course they can. The entire purpose of salting is to make it so that the same password, hashed two different times, produces completely different hashes. This has two important consequences. First, it makes it basically impossible to precompute password hashes. That's a big deal compared to the "without salt" case, where rainbow tables make checking against precomputed hashes very easy. Second, if two users on a system have the same password, you can't tell without computation. Said another way, it means you need to crack passwords individually rather than in bulk. This isn't game-breaking, but it's significant when you have million-user breaches.

All of the typical ways of storing password hashes store the salt alongside it. It's expected that an attacker that obtains the hash will obtain the salt. It's within the design.

If you want the password hash separate from a piece of key password-validation data, at that point the extra piece of data is a secret and what you're basically making is a message authentication code. But, it's very difficult to argue that this is ever really more secure.

Still, the 100k rounds of SHA256 seem decent.

Would bcrypt [wikipedia.org] be any better than PBKDF2 [wikipedia.org] here?

100k rounds of SHA256 is decent. The longer SHA2 variants are better, sure. More rounds is always better, of course. 100k is better than what most people use. But, if the decryption is always happening client-side (which it should), then ideally you can afford and should use many more rounds of SHA1. Maybe if they're using JavaScript, that limits how high they can jack the number of rounds up and still get reasonable performance on low-end devices.

I don't know that bcrypt is necessarily much better than what they're doing. It may be, but at a "details" level, not a "major benefit" level. Both bcrypt and PBKDF2 support many rounds and prevent precomputation, which are major features.

What would be better, if the devices they want to support can run it, is something like scrypt, which is resistant to hardware acceleration and thus much harder to crack in practice.

Re:

[sexconker]

p>All of the typical ways of storing password hashes store the salt alongside it. It's expected that an attacker that obtains the hash will obtain the salt. It's within the design.

If you want the password hash separate from a piece of key password-validation data, at that point the extra piece of data is a secret and what you're basically making is a message authentication code. But, it's very difficult to argue that this is ever really more secure.

The hash, salt, and user name are all considered to be not secret. In a properly-implemented crypto scheme, having all of those will allow not help you to gain access to the account or crack the password.

Re:

[blueg3]

Yes, that's what I was saying. Salting uses a non-secret nonce. You could set up some system with a secret nonce, but then it would be a different construction than "salt" (and hard to argue that it's better).

Having access to the salt does make it much easier to crack the password. In fact, it's basically necessary to crack the password. It is still considered non-secret, though.

Re:

[darkmeridian]

A hacker could go through all that trouble to reverse a hash but if the user changes the master password, then there's no compromise. So...the race is to have the user change passwords before the hacker hacks the hash. Should be easy to win, no?

Also, use two-factor. Seriously. No reason you shouldn't be using two-factor.

Re:

[blueg3]

Only if encrypted used data really wasn't exfiltrated.

Re:

[AmiMoJo]

Salting helps but not as much as you might hope. The cracking process usually goes like this:

1. Try the top 100 common passwords on every user, with a few simple variations. That will net you maybe 50-60% of accounts.

2. Check if any users are also in other, weaker or already cracked databases. Often they will be using the same password, or a simple variation of it. That gets you to maybe 80%.

3. Sort the remaining targets by value. Users with .gov addresses at the top, then email accounts that don't support

Re:

[blueg3]

That situation is partially the result of more widespread use of salt. It doesn't magically make bad password hard to crack (as you point out). But it used to be the case that, with rainbow tables, you could crack even moderately difficult passwords very quickly. It also adds a pretty substantial slowdown for large password breaches -- even though all the easy passwords will be cracked anyway, a factor of hundreds of thousands slowdown starts changing the "easily crackable" threshold.

Re:

[tlhIngan]

1. Try the top 100 common passwords on every user, with a few simple variations. That will net you maybe 50-60% of accounts.

2. Check if any users are also in other, weaker or already cracked databases. Often they will be using the same password, or a simple variation of it. That gets you to maybe 80%.

3. Sort the remaining targets by value. Users with .gov addresses at the top, then email accounts that don't support 2FA. Run more comprehensive dictionary attacks against them. Maybe use Amazon to speed the pr

Re:

[N1AK]

I always assumed the per user salt was purely to make using a hash table much harder (effectively impossible), in which case it would still be effective.

Karma's a bitch ...

[CaptainDork]

...

I am obviously unable to use something online, like Last Pass and 1Password. [slashdot.org]

Write only off-site aggregated log server ..

[nickweller]

"We’ve commissioned a write only off-site aggregated log server which can only be accessed via the console. This will allow us a guarantee that any logging is intact." ref [lastpass.com]

Passwords in the cloud? I use simple local scripts

[25albert]

It's a strange idea to store passwords in the cloud anyway. I use these simple scripts in Ubuntu. Could work on Mac too, and I had a Windows/Perl/batch-file version long ago:

$ cat `which p`
#!/bin/bash

[ -d /media/truecrypt1 ] || t on

# accept up to 3 arguments, and filter on all 3
if [ -z "$2" ]; then
grep -ni "$1" /media/truecrypt1/p
else
grep -ni "$1" /media/truecrypt1/p | grep -i "$2" | grep -i "$3"
fi

$ cat `which padd`
#!/bin/bash
[ -d /media/truecrypt1 ]

Re:

[25albert]

There is a bit missing in the post above:

$ cat `which t`
#!/bin/sh

file=$HOME/timecode
tcvol=/media/truecrypt1

do=$1

case "$do" in
"on")
if grep -q /media/truecrypt1 < /proc/mounts ; then
logger -t truecrypt "$0 Starting tc: already mounted"
exit
fi
logger -t truecrypt "$0 Starting

People need to settle down...

[gbcox]

LastPass of course is going to be a target; but if you used the product as recommended with 2nd factor authentication and not reusing your master password elsewhere you don't have anything to worry about. LastPass is handling this in a measured, logical, efficient manner - and as always, they err on the safe side. Of course, this being the internet, you have the usual suspects crying chicken little, the sky is falling.

Re:People need to settle down...

[j-turkey]

...Of course, this being the internet, you have the usual suspects crying chicken little, the sky is falling.

They're also smugly saying "I told you so" - and doing so seemingly without understanding the situation. The situation hasn't changed since the beginning: don't use the service if you don't trust the encryption. If the service is breached and the (open source, peer reviewed) encryption stands up to attack, then the threat is astronomically minimal.

The NSA has probably already inserted their

[mark_reh]

backdoor into the encryption. It's only a matter of time before hackers locate it and fling it open to let the animals in.

There are no secrets. There is no privacy.

Re:Who the fuck would use something like that?

[EmeraldBot]

Who the fuck would think it's smart to use some web service like that, where some third party ends up with your passwords, even if they are encrypted in some way?

They're very handy for websites that have poor native security, as the passwords Lastpass generates are extremely tough. In a lot of cases, I'd rather trust Lastpass's security over that of a native website, and they have open sourced their client side decryption process as well (which has received several audits). I don't use it for anything I consider super sensitive (my bank account, for example), but it's pretty good for a lot of other applications.

Re:Who the fuck would use something like that?

[Anonymous Coward]

They're very handy for websites that have poor native security

Like lastpass.com?

Re:

[tsotha]

I suspect their security is actually pretty good. Just not perfect.

Re:

[suso]

No security is perfect, that's why you have need to have a good incident response plan.

Re:

[rahvin112]

By centralizing all the passwords they are a prime target for infiltration. The hackers knew that by taking this one business they would potentially gain access to millions of websites. In a normal attack they have no idea if they will get good data, with LastPass they couldn't miss. That then makes them one of the most high profile targets on the internet and they'd need NSA level security to keep people out. I little internet company with world class security? I don't think so, even Google got hacked with

Re:

[Dan541]

I agree with the other posters, you'd have to be nuts to use LastPass for anything that was tied to financial transactions.

Why? I'd rather my banking credentials be leaked than my email or domain registrar credentials.

What can a person do with my bank account anyway? Nothing, that can't be traced and/or reversed.

Re:

[Anonymous Coward]

"What can a person do with my bank account anyway? Nothing, that can't be traced and/or reversed."

Then you should feel perfectly safe posting your bank credentials on this site.

Re:

[KGIII]

My niece has a friend (this is, sadly, a true story) who got their first credit card. She was pleased and activated it. She was so excited, and I kid you not, she took a picture of this card and posted it to her Facebook account. I am not sure how they got the 3 or 4 digit number on the back of the card (or if they did) but it took less than a day for the card to reach its limits and, sadly, she is not being held liable for the fraudulent transactions. Some folks should not be allowed credit cards or intern

Re:Who the fuck would use something like that?

[thsths]

To be honest, the idea that anybody who can see your credit card can take your money is not really security at all. Usually transactions require additional evidence - either the physical card, the PIN, the address, or the security code.

Re:

[gbjbaanb]

I am not sure how they got the 3 or 4 digit number on the back of the card

only takes a thousand attempts (at worst) to guess that number. You'd hope the card system would block it after 3 or so failed attempts, but you never know if they do.

Re:

[tsotha]

Aha. What? In the US if your banking credentials get out on your end the bank is under no legal obligation to make your account whole. They'll try to reverse transactions, but if the money's gone the money's gone and it's your problem. The fact that the money can be traced to an organized crime syndicate in far-away country where nobody cares is not going to help you much.

Re:

[johanw]

You have offline solutions for that, like KeePass. I'd rather go with the extra hassle of having to sync the KeePass database myself than being dumb enough to put it on some cloud service. And no, a KeePass database on Dropbox is almost just as dumb.

Re:

[execthis]

I know that a company like Lastpass has paid professionals to maintain infrastructure with strict security, vs. whatever I would be able to muster on my own. I could use Keepass and perhaps sync with my Owncloud server, but then is my security going to be better than theirs? Probably not even close.

I like the idea of Keepass and have it installed, but their plugins are not as good as Lastpass and using it is kind of cludgy. I have no special allegiance to Lastpass in particular, although I personally thi

Re:Who the fuck would use something like that?

[gbjbaanb]

And how else are you going to manage the hundreds of dozen-character long, unique, and complex passwords you want to use with each site?

with an offline tool, like keepass. [keepass.info] Same functionality, only stored locally (or on your phone), not on the cloud.

Re:

[Coren22]

How do you sync that between multiple computers, your phone and your tablet?

Not the same functionality.

Re:

[gbjbaanb]

I use Mozy to back it up, and BTSync to sync it with my phone.

Re:

[SimplyGeek]

And when you're on a corporate machine or server where you can't use Dropbox? Keepass is not LastPass. They both have their strengths.

Re:

[Coren22]

So what you are saying is that you use Keepass in a way so that it can act just like LastPass, but it is Dropbox that has access instead of LastPass?

There is no benefit of Keepass stored on Dropbox over LastPass. They work entirely the same. In LastPass, the password database is encrypted with the access password, and LastPass has no access to your password database.

Re:

[gl4ss]

lastpass seems a little bit strange.

do they have the ability to look your passwords? there's the ability to reset password but is that only for the "two factor"? they claim the decrypted passwords never leave your device, but they have password reminder questions/system? so what the fuck? they have syncing and that so.. do they have the ability to decrypt the data in lastpass or not?

Re:

[Dan541]

In a lot of cases, I'd rather trust Lastpass's security over that of a native website,

If only one native website is broken though, then only one of your passwords has been taken.

You mean the one password that has been used on every other site.

Re:

[UnknownSoldier]

I know. That's just a disaster waiting to happen. "We got hacked." "You don't say ..."

For the first and last time:

ANYTHING on the internet is NOT secure

Use a local password manager.

Re:

[Charliemopps]

I know. That's just a disaster waiting to happen. "We got hacked." "You don't say ..."

For the first and last time:

ANYTHING on the internet is NOT secure

Use a local password manager.

Well, now that we have the word of someone that has absolutely no clue how infosec works I guess it's case closed right?

As far as how secure this service is... well... meh? Who the hell knows. Would I keep the launch codes there? No. My password for that Cartoon network? Sure. The point is, you seem to be claiming that your local hard drive is safer than a websevice literally dedicated to security. That's laughable to say the least. IF this site really is what it claims to be, then it's definitely more secu

Re:

[irrational_design]

That's great advice. Except I have 6 computers in three locations that I use on a daily basis. Putting it on a stick doesn't really work since I'm really good at losing things. Before using an online password manager I used the same 7 character password for everything. Now my password manager has 100s of passwords, allof which are unique and most of which are 30+ characters long. I really don't know what I would do without it.

Re:

[CanadianMacFan]

I had the same problem as you except I was looking after 70+ computers as a sysadmin about a decade ago. Used to store them on my Palm with a program called STRIP by Zetetic. Now I have their app on my iOS devices. It's not as flashy as LastPass but then it doesn't store all your passwords on the Internet either.

Re:

[N1AK]

What happens if you lose the device? If it backs them up where does it back them up to, how does it get them to the backup and how secure is it? Without knowing a lot more I'd be equally, or more dubious, of claims that password managers on devices like phones are any more secure overall.

Re: Who the fuck would use something like that?

[corychristison]

I personally use a KeePass 2.x database. I use it across my computers and Android phone.

For convenience, I use BitTorrent Sync to keep the file updated across devices. I have it set to only sync on the local network(s), instead of over the internet. So, all if I add or change a password at home, it will sync to my phone and laptop via the local network. When I go to my office, when my phone connects to the local wifi it will sync the file to my work computer.

I use a password and keyfile. I copied the key fi

Re:

[corychristison]

I agree. I don't use it... just the standalone client on Linux and KeePass2Android on Android.

Re:

[Dan541]

ANYTHING on the internet is NOT secure

Use a local password manager.

A local password manager is just as vulnerable as LastPass, likely more so since few password managers take security as seriously as LasstPass does.

Re:

[johanw]

At least your computer with your KeePass file is not such a high profile target as the LastPass servers (unless you're Edward Snowden perhaps).

Re:

[execthis]

LMAO. Your local password manager on your computer which is ON THE INTERNET!

Re:

[N1AK]

Use a local password manager.

Because a local machine is inherently unhackable...

There are plenty of tech-savvy people who use services like LastPass. Of course putting all your passwords in one place, on one server, comes with risks. It also has a few advantages, including: > They notify you of hacks to sites you have passwords stored for > You don't have to type passwords, protecting you from keyloggers If it turns out that the people who've attacked LastPass have information that genuinely puts

Re:Who the fuck would use something like that?

[Anonymous Coward]

That's just stupid. No one can remember 30+ passwords. And not using unique passwords is the dumbest possible thing (gmail account "hack" from earlier this year)

So, *sometimes* use your brain.

Re:

[GroeFaZ]

It is possible to remember an arbitrary number of different, safe passwords. My method is to have one password that is short, but hard, in the meaning of impossible to crack by dictionary attack. Think random letters, numbers, the stuff that is hard to memorize. But it's always the same base password, so you will know it by heart eventually. Assuming the website you use the password on hashes the password, that leaves you vulnerable to lookup/rainbow tables, because the base password should be fairly short,

Re:

[GroeFaZ]

Self-reply: Or just use hunter2 for everything, it will show up as ******* for everyone that isn't you.

Re:

[Jody Bruchon]

Incorrect. Anyone can remember three reasonably secure (read: long and not all lower case) passphrases. Use them in tiers where one is for "I don't care if my Slashdot/Ars Technica/Disqus/TPB account really gets hacked" and one is for "this is an email account that a lot of other accounts can be password reset to hijack, don't use this anywhere but on email accounts that need to be secure" and one is exclusively for bank accounts or other highly sensitive information. That way if "LOL We Use No TLS And MD5

Re:

[Krojack]

I know. That's just a disaster waiting to happen. "We got hacked." "You don't say ..."

For the first and last time:

ANYTHING on the internet is NOT secure

Use a local password manager.

I agree with you - but i must add, even if i may sound "paranoid", while i understand how convenient it is: don't use a (local) password manager... use your (brain's) memory!

Most people who use their brain will pick very easy to remember passwords which are in return easy to guess and hack. I have been changing over to using my YubiKey. Slot 1 is configured for OTP, slot 2 is a 32 character static password of random upper and lowercase letters.

Re:

[Applehu Akbar]

"Almost everyone has a local password manager... it's commonly referred to as a brain."

Unfortunately the H. Sapiens Mark I brain is only good at remembering bad passwords. To remember good ones, you need a password manager.

Re: Who the fuck would use something like that?

[jd2112]

I have a photographic memory. Unfortunately the film is bad.

Re:

[mars-nl]

For people whose brain doesn't work well enough to remember dozens of passwords, you could also use an gpg encrypted text file. Works well for me.

Re:

[WuphonsReach]

I prefer one GPG file per site. Downside is that it exposes the site name, but also means I only decrypt only a single site password at a time.

Bonus points for putting the files into a version control system (git/svn/hg) so that you can cleanly sync them between PCs.

And making backup copies is as easy as stuffing the ASCII armored block into an email. Or printing it out for OCR'ing later...

Re:

[blueg3]

Few people can memorize a large collection of high-entropy passwords.

Yes, I know there are strategies for getting away with memorizing fewer. They're not necessarily good ideas.

Re:Who the fuck would use something like that?

[Anonymous Psychopath]

Who the fuck would think it's smart to use some web service like that, where some third party ends up with your passwords, even if they are encrypted in some way?

People who understand how LastPass security works.

LastPass security is actually quite good, and designed to be resilient against data breaches. The attackers haven't gotten any passwords. What they have gotten is hashes, salts, and hints which could lead to passwords, given enough time and computational power.

The clock started ticking as soon as the attackers obtained the data dump. As soon as I reset my master password, the clock stops ticking. Between those two events is the only window of time the attackers have to brute-force the hash or guess my password based on the hint. As soon as I change my master password as prompted by the LastPass email, they have nothing.

If you use 2-factor authentication with LastPass, like Google Auth, even if they crack your master password before you change it, they still have nothing.

LastPass has many 2-factor options

[Beryllium Sphere(tm)]

In fact, when I wanted to demo about half a dozen dual-factor solutions for a colleague, I showed them all on my LastPass account.

Re:My Brain

[Sowelu]

It's very hard to hack, but susceptible to data loss.

Re:

[johanw]

But it's quite easy to brute force. "So, you didn't like us breaking your finger? You have 9 more to go unless you give us the password".

Re:

[Daniel Matthews]

You know that dream you had about being at work and logging into your admin system? Well... http://www.nature.com/news/sci... [nature.com]

Using auditory clues to induce dreams about a given topic is not impossible, and if the visual cortex activity can be decoded the simpler motor cortex that plays back your typing movements during password entry could also be decoded.

Your brain is hackable, with tools other than an axe.

Re:

[viperidaenz]

They made a movie about that [imdb.com]

Re:

[johanw]

You dream about logging in? You work too hard. :-)

Re:

[j-turkey]

Bah, your brain has been proven very susceptible to rubber hose cryptographic attacks.

Re:

[tnk1]

People store passwords in the Cloud all the time.

Just not in the same place. :)

Re:

[khasim]

On the other hand, this should also provide you with a list of the sites where you should be changing your password.

Hopefully everyone will manage to do that before any of the hashes are cracked (if the crackers managed to get both the algorithm and salt).

Re:

[Dan541]

Or you can simply change the one master password and your problem is solved.

Re:

[nitehawk214]

I think it would be prudent to still have a password change/reset policy if you are using something like LastPass. If the individual sites get hacked your account is still compromised.

Re:I believe I have a pile of I-told-you-sos to se

[hawkeyeMI]

I'm the submitter. I'm a LastPass user and I'll stay that way. If you actually read the article you'll see that things are under control. This is the second time LastPass has reported an attack that I can remember, and because of the client-side encryption and so on it's not a huge deal. Bravo to them for their proactive stance and sound methods.

Re:I believe I have a pile of I-told-you-sos to se

[Rich0]

I'm the submitter. I'm a LastPass user and I'll stay that way. If you actually read the article you'll see that things are under control.

This is the second time LastPass has reported an attack that I can remember, and because of the client-side encryption and so on it's not a huge deal. Bravo to them for their proactive stance and sound methods.

Not only that, but even if the encrypted vault were compromised along with the hashes/etc (allowing somebody to start brute-forcing them), I could easily use lastpass to identify all my accounts and the last change date for each. Since almost all my accounts use random passwords changing them all is a bit of a pain, but not too big a deal. I'm just replacing one random string of values with another. I could change all my accounts in a weekend and all the new passwords are synced across my devices.

Lastpass is extremely convenient and I don't know of many practical alternatives that are any more secure against the same threat models. Maybe a piece of paper in my pocket would be more secure against the remote attacks, but I don't really see that as a step up.

Re:

[AmiMoJo]

Lastpass is extremely convenient and I don't know of many practical alternatives that are any more secure against the same threat models.

Keepass with sync to a Google account. Gives you everything Lastpass Premium does for free, and it's more secure to boot. 2FA is free with Google accounts (no need to buy additional hardware), sync to mobile devices is free, and by not running in the browser and allowing you to use an optional keyfile as well as a master password it's more secure.

Re:

[Rich0]

This: rezial.com [rezial.com]
I admit that I never tried LastPass, so I'm not claiming this is better/more convenient.. I use it, and I'm happy with it.

but now I also want to try LastPass :)

Will that auto-fill password forms? Also, how is it any more secure? You're still encrypting your password list and storing it on somebody else's server - if somebody obtains the encrypted list they can attempt to brute-force it.

Re:

[Rich0]

And if your Lastpass account is ever hacked you'll lose access to all those accounts.

Well, you can keep backups but obviously if they brute force your encryption key then they can log into all your accounts and change your passwords on you.

Better to come up with a simple algorithm to generate your password based on the site you're using. No need to store anything. One less 3rd party knowing all the sites you care about. One hack required per account. Automated hacking and data mining tools aren't going to understand your algorithm.

That has a few challenges:

1. The algorithm needs to be secure. That likely means you can't do it in your head. It probably also means that you'll want to use a standardized tool which is secure.
2. You need to be able to run the algorithm from any device you want to access a website from.
3. If you want auto-fill of password forms (a major timesaver wi

Re:

[Rich0]

There's always this: http://www.passwordcard.org/en [passwordcard.org]

As mentioned, writing down your passwords (which this is just a fancy version of) makes them harder to crack online, but opens you up to a different set of attacks, especially any that involve physically overpowering you.

Re:

[SethJohnson]

anything else i can do?

Modify SSHD config to listen on non-standard port. It will greatly diminish the log traffic you'll see of failed attempts. This could be important if you're using fail2ban as well and don't want your iptables to bloat unreasonably.

Stay away from configuring port-knocking. It becomes a real pita when you want to scp a file at the spur of the moment.

Re:

[Dan541]

Guys, what is your problem? The only way these guys have ANYTHING is if you use your master password on an actual website other than just logging into your lastpass account.

Now, if your master paswoord is boobies, then, you're in trouble.

Until you change your master password. The threat here is that an attacker could use the email address and master password to retrieve the encrypted file from lastpass servers and then decrypt it using the master password. Two-factor Authentication alone protects against this. But if you have both a strong master password AND 2-Factor then you're not even close to being compromised.

Since the master password is used for encryption purposes it should always be as strong as you can make it in the first place.

Re:

[Virtucon]

Which is why in the bulletin they suggest changing it. I do this on a regular basis. For me it's just early in the cycle so no worries.

Re:

[Agent0013]

How does changing the master password help anything. On a site, you change your password and the old one does not work anymore. With an encrypted database, the old password still works with the old copy of the database. Changing it only works if they got your old password and want to use it on the newly encrypted database. Since they have a copy of the old one, they can take their time cracking the old master password and any amount of changing it will do nothing to remedy that. You would have to change eve

Re:

[Dan541]

How does changing the master password help anything.

It stops the attackers from logging into your account and accessing your database. Once you change the master password it doesn't matter if they crack your salt.

Re:

[Agent0013]

Right, but if they have the database, they don't need to log into anything. They just need to crack the encrypted database, which they have in their hands, and it is still encrypted with the old password. See, changing the password does nothing.

Re:

[Dan541]

IF they had the database, but we're not talking about that. We're talking about the current attack.

Re:

[Dan541]

With an encrypted database, the old password still works with the old copy of the database. Changing it only works if they got your old password and want to use it on the newly encrypted database.

Except the attackers are not believed to have accessed any of the databases. In either case I set my master password on the assumption that it will be subjected to offline attacks, as should everyone.

Re:Heh

[Jawnn]

Store it on "the cloud"! Everything will be fine!

And guess what? If you used even the most basic security hygiene, especially with your LastPass master password, it still is.

Re:

[dave420]

What do you think you told us so? I take it you didn't read the article...