LastPass Flaws Hands Out Passwords to Hackers

/ 2 years ago


eBay, Amazon, Facebook, Twitter, Reddit. With so many accounts it’s often hard to come up with and remember, unique passwords for every site and account we use on a regular basis. With people using more and more accounts for everything its hard to keep track of your passwords without making them easy to figure out and guess, something which hackers rejoice when they try to gain access to your accounts. With people recommending the use of password managers, but it looks like LastPass, one of many managers, may have given away your passwords thanks to a flaw.

LastPass is a password manager, one of many systems designed to save, manage and secure your passwords, taking the task away from yourself and instead putting it in the hand of software. It would seem that a Google security researcher has now found a flaw in LastPass that allowed them to remotely hijack the software. The hack relies on a classic scenario, tricking users to visit a malicious site which would allow them to exploit a flaw in the Firefox browsers plugin.

LastPass are not only aware of the flaw but have patched it for their Firefox users, but this is only one of many flaws found in the software. Other flaws have allowed people to not only bypass the software but to also capture and steal users passwords.

Topics: , , , , , , ,


One Response to “LastPass Flaws Hands Out Passwords to Hackers”
  1. Trooper says:

    And this is why all of my passwords are written down on paper and stored in a secure location. I fully understand that if hackers want my passwords bad enough they will get them and there is nothing I can do about that but it is just stupid to put them all in one place online, that’s just asking for trouble.

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

Optimized with PageSpeed Ninja