LastPass is scrambling to fix another serious vulnerability

Page 1 of 2 12 LastLast
  1. Borg 386's Avatar
    Posts : 21,900
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       30 Mar 2017 #1

    LastPass is scrambling to fix another serious vulnerability


    The flaw could allow for remote code execution or password theft.

    For the second time in two weeks developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or infect computers with malware.
    LastPass is scrambling to fix another serious vulnerability | PCWorld
      My ComputerSystem Spec

  2.    31 Mar 2017 #1

    Perhaps it's best never to store passwords on any IT system?
      My ComputersSystem Spec

  3. TairikuOkami's Avatar
    Posts : 3,474
    Home 1809 x64 10.0.17763.107
       31 Mar 2017 #2

    Online password managers, the same, the same old.

    Tavis Ormandy on Twitter:
    Attached Thumbnails Attached Thumbnails capture_03312017_092510.jpg  
      My ComputerSystem Spec

  4. Victek's Avatar
    Posts : 234
    Windows 10 x64 v1803 Build 17134.1
       31 Mar 2017 #3

    Tavis found the vulnerability and LastPass is working on fixing it; what is the problem? No security software is perfect and never will be. The argument for using LastPass has always been all of the other much more serious security problems it solves, eg weak passwords, users using the same password on multiple sites, users forgetting passwords and/or writing them down on sticky notes, etc.
      My ComputerSystem Spec

  5.    31 Mar 2017 #4

    I am a LastPass user, and this doesn't scare me at all. Tavis seems to have made improving LastPass a project of his - hopefully LastPass is compensating him for his efforts - and this will benefit LastPass users in the long run.

    In the mean time, Tech blogs will have fodder for their FUD stories following every tweet Tavis makes about LastPass, completely missing the point that it's security is actually being improved by this, and no one is exploiting any of these vulnerabilities.
      My ComputerSystem Spec

  6.    03 May 2017 #5

    Better to be scrutinized, and updated quickly. It's the fact that LastPass responds so quickly to resolve the issue that gives me peace about the whole situation.

    And in the latest case, it was demonstrated to LastPass what could be done. It's not an active exploit. Kudos to LastPass for jumping right in and fixing it.
      My ComputerSystem Spec

  7.    03 May 2017 #6

    That is why I manage my own passwords.:)
      My ComputerSystem Spec

  8.    03 May 2017 #7

    Josey Wales said: View Post
    That is why I manage my own passwords.:)
    Are you telling me that you use
    1. A different password for every site
    2. A password that is long enough and complex not to guess
    3. You can either memorize them all, or only need to access a local password database to get to them?


    I'm so inundated with passwords, for both work and home. I work on a variety of machines. It's become necessary to have my passwords available in all places I might be, so managing them on my own isn't great. Even if I put them on my phone, it would be ok until I lost my phone.

    Passwords are such a necessary evil today, but there will hopefully be a better way in the future.
      My ComputerSystem Spec

  9.    03 May 2017 #8

    pparks1 said: View Post
    Are you telling me that you use
    1. A different password for every site
    2. A password that is long enough and complex not to guess
    3. You can either memorize them all, or only need to access a local password database to get to them?


    I'm so inundated with passwords, for both work and home. I work on a variety of machines. It's become necessary to have my passwords available in all places I might be, so managing them on my own isn't great. Even if I put them on my phone, it would be ok until I lost my phone.

    Passwords are such a necessary evil today, but there will hopefully be a better way in the future.
    That is exactly what I am telling you. I have this application that is called random password generator it can create random passwords and store them off line. I am retired, I have one device and no smart phone.
      My ComputerSystem Spec

  10.    03 May 2017 #9

    Lastpass can generate random passwords to your specification without even pressing a keystroke thereby avoiding keyloggers.
      My ComputersSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Edge and LastPass in Browsers and Email
Just to mention: I have tried a number of times to install the LastPass extension on Edge. The installation appears to go OK but later, the message is that the app encountered a problem and needs reinstalling to repair it. This doesn't do the trick...
Edge and Lastpass in Browsers and Email
Been using Lastpass with edge for a while without any problems, But this week something has spooked it the last pass wont remember my email. Has anyone got this issue please and some advice. Thanks.
LastPass password manager in Software and Apps
Just installed the lastpass app from store.How do I get it to show at the top right of the edge browser Also installed the adblock from store. Any Help Please.
LastPass in Software and Apps
Didn't know where to ask this question.?? I have windows 10 and using Lastpass password manager. Went to add a secure note in the section in lastpass but failed to add the note a box came on screen.. This feature requires an external binary...
Lastpass in General Support
Has anyone an idea as to when Lastpass will be available for Edge? Many are sitting on the edge of their seats waiting for this to become available within the next 24 hours. Is this a reasonable time to look forward to it becoming available? ...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 17:29.
Find Us