Articles about LastPass

LastPass has joined the Amazon Web Services Partner Network (APN) and is now listed on AWS Marketplace. This addition aims to provide organizations with streamlined access to password management solutions that support security and ease of management amid increasing adoption of hybrid work models.

Organizations are facing heightened challenges in managing a growing number of SaaS applications and online accounts, particularly as remote and hybrid work arrangements become more common. LastPass's availability on AWS Marketplace is intended to address these challenges by offering secure, easily accessible password management options that maintain administrative control and user convenience.

Continue reading →

The support forums of password management tool LastPass are filling up with complaints from confused and disgruntled users who found themselves locked out of their accounts. The problems stem from a forced authenticator app reset implanted by the company following a series of security incidents last year.

Starting last month, LastPass forcibly logged out users and required them to reset their multifactor authentication (MFA) apps such as Google Authenticator and Microsoft Authenticator. But having followed the instructions given by the company, large numbers of users report that they are unable to access their LastPass vaults after being locked out their accounts.

Continue reading →

A new data breach is revealed to the public every day. Some of the most recent ones that included large businesses are Mailchimp, LastPass, and T-Mobile. One of the many reasons we increasingly read about such incidents is because it’s getting more and more challenging to protect the assets of a business. The truth is cyber criminals are getting savvier by the day, and their attack methods, such as malware, more sophisticated.

Organizations face a multitude of hacking threats that target their increasingly complex infrastructures. To fight it, businesses deploy Secure Access Service Edge (SASE) to both improve and simplify their cybersecurity. How does SASE aid modern companies to protect data and people from malicious hacking? Here, we discuss the key capabilities of the tool and how it can aid in the prevention of high-profile breaches such as Mailchimp, LastPass, and T-Mobile.

Continue reading →

The reputation of LastPass has taken quite a battering over the past year, with the handling of security incidents doing nothing to improve things. Just last week the company gave an update about a security breach that took place back in August, revealing that it had been more serious than first suggested.

But now the updated announcement from LastPass has been ripped to shreds by security experts with one denouncing it as being "full of omissions, half-truths and outright lies".

Continue reading →

Password management firm LastPass has issued an update about a security breach that was first revealed back in August. The news is not good; the data breach is significantly worse than initial reports suggested.

LastPass says that its investigations into the incident now show that the hackers were able to obtain customer vault data. The company points out that these vaults are home to both encrypted and unencrypted data, and tries to play down the significance of a threat actor gaining access to unencrypted data.

Continue reading →

Last month, LastPass suffered a cyberattack and the company shared some details about what had happened shortly afterwards. Now, having conducted further investigations, more information has been revealed including the fact that the attacker had access to the LastPass development environment for four days.

The company concedes that it is not clear how the attacker was able to gain access but says: "the threat actor utilized their persistent access to impersonate the developer once the developer had successfully authenticated using multi-factor authentication". LastPass has also revealed the impact of the four-day security incident in the name of providing "transparency and peace-of-mind to [its] consumer and business communities".

Continue reading →

LastPass, the firm behind the eponymous password management software, has revealed that it fell victim to a security breach two weeks ago. Although the company is quick to point out that passwords stored by users have not been exposed, the incident remains hugely significant.

The hackers were able to breach the security of a developer account and took advantage of this to steal "source code and some proprietary LastPass technical information". While LastPass is at pains to stress that it has seen "no evidence that this incident involved any access to customer data or encrypted password vaults" it is an incident that will nonetheless dent user confidence.

Continue reading →

For a company whose business is to protect passwords, going passwordless might seem a bit self-defeating, but stick with us, because there is method in this madness.

LastPass is announcing that its customers can now access their vault, and all sites stored in it, with a simple and secure passwordless login using the LastPass Authenticator.

Continue reading →

LastPass users around the world were thrown into a state of panic after the company issued email warning about unauthorized use of master passwords.

The password manager company advised users of suspicious login attempts using the master password associated with their account. This led to concerns that the company has been hacked or that  passwords had been leaked, but LastPass says that the warnings were erroneous.

Continue reading →

If you aren't using an online cloud-based password manager to both create and store your various passwords, you are doing yourself a great disservice. True, storing your passwords in the cloud seems counter-intuitive, but in reality, it is far more secure than re-using passwords or writing them down. Of course, you should make sure you are also using Two-Factor Authentication (2FA) whenever possible too.

On the desktop, there are many password managers for Windows and Mac, but on Linux, things are far more limited. For instance, 1Password is arguably the best password manager in the world, yet despite a decade of requests for it to come to Linux, it never did. Sure, Linux users could use the 1Password X browser plugin, but there was no native Linux version. Well, folks, the time has finally arrived. Following a lengthy Beta period, today, developer Agilebits finally releases a stable 1Password for all modern Linux distributions!

Continue reading →

The browser extensions for password management tool LastPass suffered from a vulnerability that meant users' passwords could be leaked, a Google Project Zero researcher reported.

Affecting the Chrome and Opera extensions, the vulnerability meant that malicious websites could trick LastPass into exposing usernames and passwords. LastPass explains that the problem stemmed from a "limited set of circumstances" that allowed for clickjacking. The good news is that the security flaw has been patched.

Continue reading →

Hundreds of cloud applications are being used in businesses and IT teams are pressured to achieve high levels of security without introducing complex authentication processes that may reduce workforce productivity.

LogMeIn, developer of the LastPass password management program is launching a new suite of LastPass Business solutions delivering a comprehensive identity offering, built for small and medium sized businesses.

Continue reading →

A new study by LogMeIn, the company behind the LastPass password manager shows that size matters in password security, but not in the way that you might think.

Looking at anonymized data from over 43,000 companies, the study produced a security score and a password strength score for each. Businesses with fewer than 25 employees had the highest average security score of 50, but the average drops as company size increases.

Continue reading →

If you're a user of Xmarks, there's some bad news for you -- the service is closing down in a month's time. The bookmark syncing tool, which is available as an addon for Chrome, Firefox, Internet Explorer and Safari, is to be shuttered on May 1.

Very little fuss is being made about the closure by the company behind it -- something which is perhaps indicative of the level of interest there is in the service these days. A banner at the top of the Xmarks website reads: "LogMeIn is retiring Xmarks from its line of products as of May 1, 2018. After this date, you will no longer have access to Xmarks."

Continue reading →

Google recently announced that it was going to take action against apps that misuse its Accessibility Services API. There are a number of big-name apps that make use of this API, including the likes of LastPass and Tasker.

Users of the password management tool were concerned to hear that their favorite app could be affected. But the company has spoken out to say that it is working with Google, and there will be "no immediate impact" to its users.

Continue reading →