MiTec Computer Solutions, Inc. Logo
CALL US
304-614-0186
40 Skinner Lane
Elkins, WV 26241
  • Home
  • About
    • Our Story
    • Our Team
    • Partners
  • Services
  • Testimonials
  • Blog
  • Contact
  • RESOURCES

LastPass Security Breach

February 11, 2018 by Mike Gallogly

You may have heard or will hear in the news about the security breach at LastPass yesterday.  We use and recommend LastPass to our clients as a secure way to store and manage passwords for all their on- line activity.  This bulletin is intended to inform our clients about the breach based on the information so far, and what impact it will have.

First: If you use a complex password or pass phrase as your master password in LastPass, then there is no real threat to your data and passwords. According to LastPass, the hackers were able to get email addresses and password hints only. They store the encrypted data on a separate server which is excellent business practice. In addition, unlike other security breaches:

  • They quickly identified, contained and evaluated the breach
  • Users were promptly notified
  • They properly obscure stored password data (hashing) and use strong encryption
  • The data vault (where your encrypted data is stored) is not on the same system as the authentication (your logon) data.
  • Your computer’s browser adds additional hashing
  • If hackers had your encrypted data it would be nearly impossible to crack even one file with today’s technology.  In addition it would take decades to brute force even one file due to a built in timer that slows down the process.

Second: If you use a simple master password like “password” or “kitty123” then I would recommend you change your master password to something with capital letters, numbers and symbols and keep it more than 8 characters. The longer the password or pass phrase the better. You can change the password if you feel you need to.

Third: LastPass is still (in our opinion) one of the best and most secure password managers out there. NOT using an encrypted password manager such as LastPass is much more dangerous. Using the same password for multiple sites is asking for trouble in today’s world. The methods and procedures used by LastPass have been vetted and approved by some of the best crypto and security people in the business. If our own government used the crypto and methods adopted by companies like LastPass then they would not have “lost” millions of records on our government employees including their social security numbers, security clearance information, medical history, and a lot more.

Fourth: We all need to be aware that computers themselves are and will be compromised. HOWEVER, the data residing on them needs to be encrypted and protected using strong password hashes. LastPass understands this as their password hashing algorithms are the best and strongest in the business. I feel much more confident my data and passwords are protected using encryption services such as LastPass than I do about my data with ANY government database and most corporate databases. It is time we all started thinking about cyber security.

Until further notice, we will continue to use and recommend secure, encrypted password managers to our clients. LastPass is no exception. This is the best we have to date, as soon as something better comes along we will test it and let you know.

Filed Under: Uncategorized

Share:

Testimonials

  • As a governmental agency, security is a top priority. MiTec has earned our trust to remote in and do repairs. MiTec always takes time to answer our questions without making us feel like a non-tech person. Read More
    Linda Koch Procurement Manager
    Randolph County Housing Authority
  • we have not had any down time, which prior to MiTec services had NEVER happened before. Since we have had fewer problems than we did in the past, we have saved a great deal of money on technical support. We have been extremely pleased with MiTec Computer Solutions and will be using them for a... Read More
    Crystal Conti Office Manager
    Skinner Insurance Agency
  • If you need trustworthy, extremely knowledgable, friendly, and very cost effective support for your computer network, or just computers contact MiTec. Read More
    Barb Fowler
  • "When MiTec came in... The speed has been incredible, no slow downs, no drags. You can call whenever you need to call and they are quick to respond." Read More
    Bobby Benavides, FUMC of Elkins
  • They are looking out for us and protecting our information so I don't have to worry about that myself. Read More
    Lydia Johnson-Grady, Director
    Randolph-Tucker Children's Advocacy Center

FOLLOW US

MiTec Computer Solutions, Inc.

304-614-0186
40 Skinner Lane
Elkins, WV 26241

Testimonials

  • As a governmental agency, security is a top priority. MiTec has earned our trust to remote in and do repairs. MiTec always takes time to answer our questions without making us feel like a non-tech person. Read More
    Linda Koch Procurement Manager
    Randolph County Housing Authority
  • we have not had any down time, which prior to MiTec services had NEVER happened before. Since we have had fewer problems than we did in the past, we have saved a great deal of money on technical support. We have been extremely pleased with MiTec Computer Solutions and will be using them for a... Read More
    Crystal Conti Office Manager
    Skinner Insurance Agency
  • If you need trustworthy, extremely knowledgable, friendly, and very cost effective support for your computer network, or just computers contact MiTec. Read More
    Barb Fowler
  • "When MiTec came in... The speed has been incredible, no slow downs, no drags. You can call whenever you need to call and they are quick to respond." Read More
    Bobby Benavides, FUMC of Elkins
  • They are looking out for us and protecting our information so I don't have to worry about that myself. Read More
    Lydia Johnson-Grady, Director
    Randolph-Tucker Children's Advocacy Center

Copyright © 2023 · MiTec Computer Solutions, Inc. · 40 Skinner Lane, Elkins, WV 26241 · Powered by Tech Site Builder