Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

LastPass Accounts Can Be 'Completely Compromised' When Users Visit Sites (theregister.co.uk) 134

Reader mask.of.sanity writes: A dangerous zero-day vulnerability has been found in popular cloud password vault LastPass, which can completely compromise user accounts when users visit malicious websites. The flaw is today being reported to LastPass by established Google Project zero hacker Tavis Ormandy who says he has found other "obvious critical problems". Interestingly, Mathias Karlsson, a security researcher has also independently found flaws in LastPass. In a blog post, he wrote that he was able to trick LastPass into believing he was on the real Twiter website and cough up the users' credentials of a bug in the LastPass password manager's autofill functionality. LastPass has fixed the bug, but Karlsson advises users to disable autofill functionality and use multi-factor authentication. At this point, it's not clear whether Ormandy is also talking about the same vulnerability.
This discussion has been archived. No new comments can be posted.

LastPass Accounts Can Be 'Completely Compromised' When Users Visit Sites

Comments Filter:
  • Expected (Score:2, Insightful)

    by Anonymous Coward

    Well, that's the cloud for you. Stop connecting stuff that doesn't need to be connected.
    The best firewall- route to null

    • Re:Expected (Score:5, Informative)

      by Sneftel ( 15416 ) on Wednesday July 27, 2016 @09:15AM (#52589325)

      The exploit doesn't seem to have anything to do with "the cloud". Once you're logged in to LastPass and your vault is downloaded, password decryption and form filling happen locally.

      • by green1 ( 322787 )

        Then why give all your passwords to a third party in the first place? Seems like this is pretty much the expected outcome.

        You're not supposed to use the same password on multiple sites, because if someone gets access to that password, they get access to all the other sites too. Thing is, by putting all your passwords in a keyvault behind a single password, you've done exactly the same thing!

        If I'm going to make my passwords vulnerable by having one password that will get in to multiple sites, I'll do it the

        • Re:Expected (Score:4, Interesting)

          by SScorpio ( 595836 ) on Wednesday July 27, 2016 @11:09AM (#52590297)

          If a site has shitty password storage and is compromised that password is leaked and their are bots that try logging into other sites using the same credentials. By having different passwords for different sites you can prevent this.

          There are password vaults that keep everything local if you are worried about security.

          • by green1 ( 322787 )

            But this site DOESN'T keep it local, and that's exactly the point.

            • And it's still better than your terrible example of using a single password for all sites. Sites HAVE been hacked, other sites HAVE been logged into via bots because someone used the same credentials on multiple sites.

              LastPass only stores an encrypted blob. Any decoding is performed client side.

              • by green1 ( 322787 )

                And now there's one more site that can be hacked, and it will provide an "encrypted blob" that the attacker can easily decrypt and get your password for EVERY site, not just a couple.

                Password managers that have ANY online component are a massive security breach. You'd be more secure using the same password you use for your password manager on all those sites independently, same password will compromise everything (no different from if the password manager is compromised) but you only have N sites that can b

    • Well, that's the cloud for you. Stop connecting stuff that doesn't need to be connected. The best firewall- route to null

      Hey, don't blame the cloud. I'll state on record that I store my passwords in the cloud. I have a KeePassX database that syncs via ownCloud. But decrypting the database requires both my master password, and a key file that I only store locally. So even if the ownCloud server's breached, my data is not in danger. (As an extra precaution, I also encrypt everything before I put it in my cloud folder, but that's just paranoia.)

      The problem again is LastPass. Nobody knows if their security practices are any go

      • Re:Expected (Score:5, Informative)

        by Sneftel ( 15416 ) on Wednesday July 27, 2016 @09:25AM (#52589413)

        The problem again is LastPass. Nobody knows if their security practices are any good, and the attack surface is huge.

        Well, their online security practices are relatively unknown, but they're also kind of beside the point. Yes, LastPass won't hand out someone's vault without some sort of authentication, but that's just fences around brick walls. The real means of security is in the client, which is the only part capable of decrypting the vault (decryption keys never being uploaded). The client source code is available and has been audited, so you can feel pretty good about that, short of the Ken Thompson hack or the possibility of the local computer itself being hacked (which, of course, would affect any password manager).

        • The password manager shouldn't connect to the Internet in the first place. But you're wrong that the LastPass client is the only attack surface; somebody can compromise my account. And I don't know what the LastPass company (LogMeIn) does to keep my account information safe.
          • by Asgard ( 60200 )

            Compromising the account only gets them an encrypted blob -- only the client can decrypt it.

            (Now, nothing says LastPass can't publish a subverted client, I've never heard how that is protected against).

            • Compromising the account only gets them an encrypted blob -- only the client can decrypt it.

              (Now, nothing says LastPass can't publish a subverted client, I've never heard how that is protected against).

              Somebody can brute force your master password once they have your encrypted vault.

              • by Sneftel ( 15416 )

                One generally uses a long, complex password for their password vault (which is fine, since you only have to remember the one password). This, combined with PBKDF2 backed by SHA-256 iterations, means that it's not realistically possible to brute-force the vault before the sun goes out.

                • "One" might do that but what about "Two" or "Three"? Do they do that, too? I very much doubt it.

                • by vux984 ( 928602 )

                  One generally uses a long, complex password for their password vault (which is fine, since you only have to remember the one password).

                  No. One does not. Because one needs to repeatedly enter that password in everytime one access anything, from as menial as slashdot to as important as one's bank.

                  Plus one needs to be able to enter it on a smartphone too; again... repeatedly.

                  Remembering a long complex password is easy. Repeatedly entering it over and over and over again is painful. So the practical length of most people's vault key is relatively short.

                  So while my bank password is long and complex and random, and i don't even know what it is;

      • by PRMan ( 959735 )
        So, KeePassX sounds identical to LastPass, then.
        • The difference is that using KeePass I can choose where I want to store the vault (in any random vendor's cloud or in no cloud at all), which means not only that I can pick the place with the security I prefer, but also that an attacker has a lot more places to look for it.

    • Just goes to show the only safe place to store your password is in your head!
  • Yeah most vapor is easily penetrable. Imagine what would happen to an airplane if it wasn't.

    Would it really be incorrect to assume that keeping a local text file with your passwords is quite a bit more secure than anything in the Cloud?

    • by cdrudge ( 68377 )

      Would it really be incorrect to assume that keeping a local text file with your passwords is quite a bit more secure than anything in the Cloud?

      How do you access your locally kept text file when you're not on your local desktop? That's the advantage that a cloud-kept password gets you. Of course it comes with the disadvantage that it may be more vulnerable, so some might say that the disadvantage isn't worth the advantage.

      • How do you access your locally kept text file when you're not on your local desktop?

        Oh c'mon... Do I really need to spell out where you can keep a local copy?

        • by cdrudge ( 68377 )

          So you're going to keep a local copy on your work computer, and your home desktop, and your cell phone, and your tablet, and your friend's computer, and your...

          • You've gone off the "deep end" with the absurdities there, buddy. You work for the IOC [slashdot.org]?

            *sigh* I guess I do have to spell it out... Keeping it on my cell phone should be sufficient, wouldn't you agree? I mean, you know, I usually have that one with me, even when I'm on the shitter.

            • Reading my 30-random-character password off my cellphone and manually typing it in to my desktop is not my idea of a good time. Therefore, I use keepass and store the database on a cloud drive sync'd between systems so I can copy-paste on each.

  • by Anonymous Coward

    The entire "2FA" concept is simply an info grab masquerading as security theater. In what way is it supposed to improve my security by A: Giving a piece of information that is NOT strictly need-to-know to to some random weirdo on the Internet, and B: Tying the security of that thing to said third-party service?

    This is not security. This is simply an attempt to grab information masquerading as security theater. Real security has always worked based on the premise that a piece of information exists that is kn

  • ...is a notebook with usernames and passwords written down in it. Primarily because any system I use has to work on Linux, Mac, Windows, iOS, and Android.

    I don't actually write down the password, but a description of it. "Usual, first letter cap, +9*3, without old First Sergeant's name" type of thing.

  • Not exactly... (Score:5, Interesting)

    by myowntrueself ( 607117 ) on Wednesday July 27, 2016 @09:18AM (#52589365)

    The headline says 'Lastpass accounts can be completely compromised'.

    But this isn't a method of getting the Lastpass account password itself, its a way of getting passwords for specific sites that the malicious site is trying to get passwords for.

    That isn't 'completely' compromising the Lastpass account.

    • Re:Not exactly... (Score:4, Insightful)

      by execthis ( 537150 ) on Wednesday July 27, 2016 @09:47AM (#52589581)

      Thank you for the sanity. So many derisive and uninformed posts, so much schadenfreude being shoveled out, and not enough basic factual information.

      Another thing to consider is that a lot of sites seem to be designed that you can't just autofill to login. Nowadays you have to first click a login link which causes a dropdown form to appear.

      I have to ask myself, of the say 10 most frequent sites that I use Lastpass to login to on a regular basis, could any other sites I've visited be ones attempting to maliciously impersonate those sites and steal my credentials? The likelihood is very small.

    • by Rolan ( 20257 ) *
      Not to mention that it's not a zero-day.... The vulnerability has already been patched and the patch pushed to users.... Of course, if it's not a zero-day and it's not "completely compromised" it's a lot less interesting.
    • Why not pretend to be lastpass.com and just get the lastpass credentials and then you get all the passwords?
  • Remembering lots of passwords is not possible for most people.

    Keeping all the passwords the same is not smart.

    Using a password vault seems logical, except that any such vault is a huge target for hackers. Certainly any vault in the cloud is just a disaster waiting to happen.

    Two-factor authentication is probably the best solution -- unless your phone is at the bottom of the river, or your employer puts you in a spot where phone service is non-existent, like the basement. Of course, for those of you who are

    • by jon3k ( 691256 )

      Two-factor authentication is probably the best solution -- unless your phone is at the bottom of the river, or your employer puts you in a spot where phone service is non-existent, like the basement.

      Some services (ie Google) allow you to have a backup phone number. So my advice is buy yourself a cheap Android phone with a pay as you go SIM just for these types of situations. It's cheap insurance. Some people even use a freedompop sim which is totally free. So $50-$100 onetime cost for the phone [amzn.com] and $0 monthly cost.

      • by wcrowe ( 94389 )

        Yes, getting a cheap feature phone just for this purpose is very tempting. That's a good idea.

    • Thank you for that information. I think the upside of this is that maybe it will prod people to take two-factor authentication more seriously.

      By the way, never saw 21:19 before. I love it. Reminds me of 17.1.

      • by wcrowe ( 94389 )

        The thing I personally dislike about two-factor authentication is that I have to give a bunch of people I don't even know, my phone number. However, it would be tempting to get a cheap feature phone just for this capability.

        Ha! 17:1 is truly wise. I not only love 21:19, I lived it, for 19 years. :-)

        • SMS verification is a form of 2fa. Not all 2fa is SMS based. In fact SMS is generally regarded as weakest and least desirable form of 2fa. TOTP is much better and can be done with a phone based client like Google's. I use a combination of TOTP, hardware token based 2fa depending on what the site supports. All sites should be prodded to support hardware token based 2fa.

          Read about FIDO U2F to better inform yourself of the options that exist and where things should be heading.

    • by green1 ( 322787 )

      Keeping all the passwords the same is not smart.

      Using a password vault seems logical, except that any such vault is a huge target for hackers. Certainly any vault in the cloud is just a disaster waiting to happen.

      And therein lies the problem.
      For a password vault to work, there has to be a way to access it. To secure it you need something like a password. So now you have one password that gets you in to the password vault, which then has the passwords for everything else.

      This is no more secure than just using that same password on every site, in fact it's probably less secure as you now have one more site that can be compromised.

  • by ma++i+ude ( 580592 ) on Wednesday July 27, 2016 @09:23AM (#52589397) Homepage

    Password managers seem like an inherently terrible idea, particularly onlines ones.

    Can someone explain to me why password hashers are not more common? I've used one for years and really can't understand why nobody else does. Take the master password, append (a portion of) the site's domain name, and hash to arrive at a random password. There's only one password to remember, you get a unique strong password for every website, and everything can be done offline without storing anything anywhere. There are extra refinements to create new passwords to replace e.g. compromised ones, or conform to the site's password length and other requirements, but they are trivial. Extensions are available for browsers [google.com] and mobiles [google.com].

    • by AmiMoJo ( 196126 ) on Wednesday July 27, 2016 @09:41AM (#52589519) Homepage Journal

      Because password hashers are no more secure than password managers that auto-generate long random passwords. If an attacker steals your master password they still get everything. Due to the requirement to meet password length and other requirements, and to allow for changing compromised passwords you still need a file containing those details. There is no benefit over simply encrypting that file with the master password.

      You are right about online password managers though, they are an absolutely terrible idea as multiple Lastpass breaches go to show. Use an offline password manager, optionally storing the encrypted file in the cloud if you need it to be portable, but with all the decryption happening outside your browser.

      • If an attacker steals your master password they still get everything.

        True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm. Obviously keeping this one master password safe is extra important, but as you only need to remember one, you can probably afford to give it a bit more entropy.

        Due to the requirement to meet password length and other requirements, and to allow for changing compromised passwords you still need a file containing those details. There is no benefit over simply encrypting that file with the master password.

        Except this file does not need to be secure in any way.

        • A password vault like KeePass can utilize both a key file and a master password. Even if my password is keylogged, I have another layer of security insofar that the attacker needs to also be able to access my local drive. The hasher doesn't have this sort of 2FA.
          • by green1 ( 322787 )

            If you have to have a file on your local drive, what's the benefit to the cloud portion?

            And if the cloud portion allows you to download the file you need locally to a new machine, what's the benefit to the file on the local machine?

            I'm sorry, one way or the other it's a stupid idea.

            • The key file doesn't change, the password vault file will change as you add and change passwords.

              You manually copy the key file locally to any device you want to be able to open the vault.

              The vault itself is synced via a cloud service so all devices can access the latest passwords.

              If someone were to get into your cloud storage they could get the vault, but not the key.

              This method doesn't protect against locally exploited or physical access, but it stops online security breaches.

              • by green1 ( 322787 )

                So, as I suspected, there's no reason to have the cloud portion, you're better off just having the passwords stored locally as it's MUCH more secure.

          • by Khyber ( 864651 )

            "Even if my password is keylogged, I have another layer of security insofar that the attacker needs to also be able to access my local drive"

            If there's a keylogger on your system, your hard drive is likely compromised as well, given how most malware works now days.

        • by AmiMoJo ( 196126 )

          True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm.

          Exactly the same as an offline password manager, so no benefit.

          Except this file does not need to be secure in any way.

          It does. If someone has your salt and the URL of the site, and say that site gets compromised so they have the hash of your hash too. Now they can brute force your master password, and then get into every other site you used it with, and your file has a handy list of URLs where it will work.

          It's actually worse than using the master password to encrypt the password file. It's less convenient too; with an encrypted file you can store the user name

          • True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm.

            Exactly the same as an offline password manager, so no benefit.

            Right, compared to an offline password manager there's no security benefit. I use KeepassX for a few high-security things like financial accounts, but find offline password managers much less convenient for everyday stuff. With a password hasher you can use a JavaScript version from anywhere. (Yes, keyloggers would be an issue. And I host my own copy to make sure it's not backdoored.)

            Except this file does not need to be secure in any way.

            It does. If someone has your salt and the URL of the site, and say that site gets compromised

            ...or they are the site owner...

            so they have the hash of your hash too. Now they can brute force your master password, and then get into every other site you used it with, and your file has a handy list of URLs where it will work.

            First of all, in practice I don't back up the settings file anywhere, as almost all sites wor

            • by SScorpio ( 595836 ) on Wednesday July 27, 2016 @11:26AM (#52590439)

              Say there is a security breach and you are forced to update your password. With your hasher you now need to update every single site to use the new password.

              With a password vault with unique passwords for every site you change the password for that single site and you're done.

              • Say there is a security breach and you are forced to update your password. With your hasher you now need to update every single site to use the new password.

                No, you have at least two options:

                1. Change the site tag. For example, on the Password Hasher Chrome extension, you can hit the "Bump" button which replaces "slashdot" with "slashdot:1" and gives you a new unique password. The new tag gets stored in the extension settings. I don't use this but it works, and would be good for sites that actually require periodic password updates.

                2. Change your master password for that site only. I use a completely different master password for the two or three sites which I

                • by chihowa ( 366380 )

                  With the first option, you introduce the need for some state information that you need to store and forever be able to retrieve (and possibly sync between your other devices). You now need a persistent database and you've lost any advantage over just encrypting random passphrases.

                  The second option starts to move you away from the simplicity or having a single passphrase to remember and eventually leads to just as complicated a situation as just memorizing different passwords for different sites. What happen

                  • With the first option, you introduce the need for some state information that you need to store and forever be able to retrieve (and possibly sync between your other devices). You now need a persistent database and you've lost any advantage over just encrypting random passphrases.

                    Well, maybe. But this state is not highly confidential so you can for example let Chrome store it in the cloud. In practice the number of times a password change is required is small (at least for me), so you can either brute force it (bump until you find the right password) or reset your password if this happens.

                    The second option starts to move you away from the simplicity or having a single passphrase to remember and eventually leads to just as complicated a situation as just memorizing different passwords for different sites. What happens as the list of compromised accounts increases and some accounts are compromised a different number of times?

                    Again I see your point. But I've used this system for close to a decade now and I'm only using two master passwords so far. How many passwords have you memorised in the last ten years?

                    I should emph

                    • by chihowa ( 366380 )

                      I actually like your hash system quite a bit, which is why I'm trying to poke holes in it!

                      I haven't had to change passwords often and I keep them in an encrypted database instead of memorizing them. I've lost the entire database or some of the entries in the past, so I like the idea of being able to reconstruct the passwords without needing an encrypted list of them. I'll be keeping the encrypted database anyway, because I store other information in it, but generating the passwords with the hash method coul

                    • Again I see your point. But I've used this system for close to a decade now and I'm only using two master passwords so far. How many passwords have you memorised in the last ten years?

                      Less than a half dozen. One for the password vault, encrypted phone unlock, PC login, work login and one or two others I'm forgetting. The rest are all just random unique passwords per site.

                      One issue I see with your hash is using it for sites that have piss poor password policies such as your password can't be over X charact

                    • One issue I see with your hash is using it for sites that have piss poor password policies such as your password can't be over X characters long, or it has to contain letter, number, and limited list of symbols, etc. Your hash could possibly not match the requirements. What do you do in this case?

                      The final step of the hashing algorithm maps the resulting hash into a character string. The algorithm allows you to customise this mapping to use only a given subset of characters, or given length. Using this feature will require you to store this metadata in your state file, because you rarely get reminded of these password limitations at login, only at registration. Fortunately these sites are rare; the default policy of 8 characters with alpha + numeric + special – and the algorithm makes sure you

      • by PRMan ( 959735 )
        Multiple LastPass breaches that have never affected me in the least? There are different levels of breaches. I'm sure that somebody stole my password vault from LastPass at some point. I am also sure that they haven't cracked it yet, since my master password is not simple.
    • by Anonymous Coward

      Randomly generated passwords are more secure than ones based on fixed values that are hashed without salt.

      Of course, you're right that online password managers are not secure.

    • by Isao ( 153092 )
      Because it reduces security. You are then using the same password on every site. (Since the other component of the hash is known.)
  • by Kinwolf ( 945345 ) on Wednesday July 27, 2016 @09:27AM (#52589429)
    So lastpass can be tricked to think he is on the real twitter page. Newsflash, so can a human. So the human will also enter his password on that page, no matter the password manager he use.
    • Stop trying to dismiss terrifying news articles by using common sense.

    • by AmiMoJo ( 196126 )

      It's a slightly different problem. Imagine a site with a hidden login form that impersonated Twitter and made Lastpass auto-fill your Twitter username and password. So at a minimum you should disable auto form filling in Lastpass.

      Now imagine an ad network serving up this malware to millions of people.

  • This problem isn't specific to LastPass. If a bogus site is masquerading as the real site, any system that doesn't have extensive site validation checks will fail, including and especially, remembering passwords.
    • This problem isn't specific to LastPass. If a bogus site is masquerading as the real site, any system that doesn't have extensive site validation checks will fail, including and especially, remembering passwords.

      The vulnerability isn't just phishing somebody's login. It's exploiting a bug in the LastPass client that allows you to compromise the user's account after phishing for just an individual site password.

  • This article is nothing but a sensationalist headline. The concept and reading through the guys process were great, but he did alert LastPass prior to posting and collected $1000 as a bounty.
    • You are right. No big deal. Only before he collected $1000 all of our passwords were compromised. No big deal. Good thing everyone updated too. If not, no big deal. He got $1000.
  • "Note: This issue has already been resolved and pushed to the Lastpass users."

    Yes, it's important, but the title's present tense is a lie: "LastPass Accounts Can Be 'Completely Compromised' When Users Visit Sites "
  • Seems to me this very problem is what operating systems like Qubes were designed to address.

    Since you can run the browser in two different environments for different purposes, it is possible that you only have Lastpass accessible when you're visiting trusted websites and you use the browser in the "untrusted" environment which does not have access to Lastpass when you surf random sites.

    Then for someone to use this method to get your passwords, they have to hack a website you consider trusted.

    Problem solved

Trap full -- please empty.

Working...