LastPass compromised

http://www.slashgear.com/lastpass-reveals-breach-tha...

In reply to a post by BatBoy:

http://www.slashgear.com/lastpass-reveals-breach-tha...

The prospect of which always led me to use KeePass instead.

If the information released by LastPass is correct, the breach is limited to e-mail addresses, salts, (master) password hashes and password reminders.

So long as the password reminder doesn't give a strong hint as to the master password, and you change your master password promptly, you should be OK. LastPass say they use 100k rounds of PBKDF2-SHA256 server side, which will mean brute-forcing attempts on the stolen salt/hash pairs will be very slow even on leading edge hardware. That buys a reasonable amount of time to change the master password following a security incident like this.


I am a LastPass user. I'm not happy this has happened, but the reality is that all the cloud password management solutions are high value targets for hackers. I follow what I believe to be best practice - I put a dummy string in the password reminder (a daft feature in my opinion), use a long master password which contains numbers and punctuation, also I have two factor authentication enabled using Yubikeys. I've now changed my master password.

I use two factor authentication on all sites where that is supported, keeping HOTP credentials in the HOTP application of a Yubikey NEO (as well as another backup mechanism I'm not going to disclose here). Even if you get my high value passwords (Google, Microsoft, Facebook, Twitter, Github, Dropbox etc.), they are of no use to you because you cannot log in to my account using only a password. If you take my Yubikey NEO, you'll have to get round the OTP password before you can start generating OTPs.


Other password management strategies, including password re-use or local password management solutions have their own weaknesses.

Ultimately, any password or credential based solution has weaknesses.

The consistent level of criminality a server attached to the Internet has to withstand on a daily basis would be an eye opener for the average person. I'm at the stage where I probably need a password manager and to be honest online managers are going to receive massive attention from skilled criminals - one day they are going to get lucky.

In reply to a post by Spud2003:

The consistent level of criminality a server attached to the Internet has to withstand on a daily basis would be an eye opener for the average person.

That's true. I run my own email server and although I don't send or receive much email it is under continuous attack. The web interface averages half a dozen attempted logins an hour. The SMTP and POP3 interfaces are each getting over dozen attempted logins a minute. SMTP is rejecting about the same number of spam attempts.

Something of particular amusement to me is that I use a disposable email address system and some of the addresses on my blacklist are still being used several years after they were blocked. One in particular has been blacklisted since 2007 yet is still a daily target for spam. Given that every attempt to send to that address results in the connection being rejected you'd think it'd be dead by now. It makes me think that my legacy to the internet is that when I'm dead and burnt spam will still be being sent to that address.

I don't use LastPass, and will not use any of these systems due to these issues. I also utilise two factor auth where available.

After my PayPal password got cracked a couple of years back (it was 8 random letters which I'm pretty sure I used elsewhere on other sites, and is now pretty weak by today's standards), I now have my own scheme of using *extremely* long random passwords, with each account on each website having a different one of these passwords.

I do not attempt to remember these passwords, nor do I write them down or store them anywhere. I have my own way of generating them when I need to (not hard to do) based on a script, giving that script "initial starting conditions" (a fixed 512 string of random bytes, the website address and master password) using partial hashes so it can "look them back up" if those initial conditions are correct. It then follows a procedure of hashing mechanisms to arrive at a password space of 1 million possible passwords of which, one of those is selected (a sha512 hash) which is converted to a base64 string giving 80 characters that can be used for a password. I tend to use a sub-substring of this string, 20 characters usually, as most sites don't allow passwords with a length of more than 20 characters (I would use 40 if I could). If a site becomes compromised, I can just pick another one of the million passwords from the same password space and update everything to use this new password instead.

20 characters gives a password space of 1.3 x 10^36
40 characters would be 1.8 x 10^72
80 would be 3.1 x 10^144

A key-logger would help you crack any account I have (I suppose) but that is where two factor auth comes into it's own. If you also grabbed a copy of my script, you would then need to know the master password I used (and it may not be the same master password across all websites) and also the websites I have accounts on, because as I said, not even that information is stored anywhere - it is ALL one-direction (not the boy band) hashed only. If you are unable to provide my script with "initial starting conditions" which lead to a password being "found", then it really is like looking for a needle in a haystack because you don't even know what you should be looking for.

So yeah, seems to work well.

PS - Just done a Google search of the md5 hash of my old 8 letter PayPal password and it shows up. That's how insecure this all is - laughable really. I suggest anyone do the same and if you get a match on Google search, change your password(s) ASAP!

keepass with its local storage for the win, which I use here.

relying on cloud services for passwords always seemed risky to me.