My Queue

There are no Videos in your queue.

Click on the Add to next to any video to save to your queue.

See Latest Videos

There are no Articles in your queue.

Click on the Add to next to any article to save to your queue.

See Latest Articles

There are no Podcasts in your queue.

Click on the Add to next to any podcast episode to save to your queue.

See Latest Podcasts

You're not following any authors.

Click the Follow button on any author page to keep up with the latest content from your favorite authors.

Security

One of the Most Popular Password Security Companies Was Hacked

Next Article
  • --shares
Add to Queue
One of the Most Popular Password Security Companies Was Hacked
Image credit: Shutterstock
2 min read
Brought to you by Business Insider

LastPass, a popular password manager program, just admitted it's been hacked.

In a blog post published today, LastPass’s Joe Siegrist writes, "The investigation has shown ... that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised."

LastPass works by having users choose one strong master password that they must remember. When they log into LastPass, they use this strong authenticator to gain access to a list of all of their other passwords, which are stored in encrypted form on LastPass' servers. 

LastPass’ servers do hold a list of all of its users passwords, but because they are encrypted (meaning they are heavily ciphered making it nearly impossible to crack), it's highly unlikely any hackers would be able to decrypt LastPass' password trove. 

Further, the encryption and decryption happens on the users' devices, meaning that LastPass has no way to access any of its users' non-ciphered passwords.

It's important to note that this breach does not mean that hackers have full access to the passwords of every LastPass user. What it does mean, however, is that if users use a weak master password or have used the same password for another website, there’s a likelihood that hackers could gain access.

To fix this, all LastPass users should change their master password if it is weak. Also, users should implement multi factor authentication, making it even harder for hackers to gain access. 

Users, however, need not have need to change the passwords stored in LastPass. 

Business Insider reached out to LastPass and will update the post when we learn more.

More from Entrepreneur

David provides constructive insight to help businesses focus on their company growth, build brand awareness and know when and how to raise money.
Book Your Session

In as little as seven months, the Entrepreneur Authors program will turn your ideas and expertise into a professionally presented book.
Apply Now

Are paying too much for business insurance? Do you have critical gaps in your coverage? Trust Entrepreneur to help you find out.
Get Your Quote Now

Related Books

Ultimate Guide to Google Adwords

Ultimate Guide to Google Adwords

Buy From
Ultimate Guide to Pay-Per-Click Advertising

Ultimate Guide to Pay-Per-Click Advertising

Buy From
Ultimate Guide to Optimizing Your Website

Ultimate Guide to Optimizing Your Website

Buy From
Ultimate Guide to Link Building

Ultimate Guide to Link Building

Buy From
Million Dollar Web Presence

Million Dollar Web Presence

Buy From
Outcome-Based Marketing: New Rules for Marketing on the Web

Outcome-Based Marketing: New Rules for Marketing on the Web

Buy From

Latest on Entrepreneur

Security

Download and Backup Any Online Content with This Cloud-Based Service

Security

7 Surprising Places Hackers Hide

Security

Security for Startups: Protection on a Budget