LastPass Finds Security Holes In Its Online Password Manager, Doesn’t Think Anyone Exploited Them

Makes me think twice about using iCloud



When you’re in charge of keeping many hundreds of thousands of passwords under lock and key, trust is everything. Maintaining that trust means fessing up when things go wrong — even if it’s something you don’t think affected your users.

Such is the case today for LastPass, a popular password manager for Safari, Chrome, Firefox and Opera. They’ve just published details of two security exploits discovered lurking in their products, though they say they don’t believe the exploits were ever used maliciously.

You can read their full post here, but here’s the gist of it:

  • The first bug is tucked into their less-used bookmarklet offering, not the more popular LastPass plugin. LastPass says “less than 1%” of its userbase uses these bookmarklets.
  • With this first exploit, if a user clicked on their bookmarklet while on a site specifically built with this hack in mind, LastPass could be coaxed…

View original post 335 more words



Blog Site for Jason Boud and Beyond Mobile Ltd.
This entry was posted in Tech Reviews. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s