LastPass Data Breach – Are Password Managers Safe to Use?

Sign representing danger due to security concerns about password managers
Sign representing danger due to security concerns about password managers

LastPass Data Breach: Are Password Managers Safe to Use?

Should you be using a password manager?  We all have very serious concerns about password managers.

 

LastPass, possibly the most popular password manager had a serious security breach at the end of 2022.  Sadly, they are not the only ones.

Norton Password Manager had a security breach in December 2022.

In addition, it seems that roughly 35,000 PayPal accounts were compromised via credential stuffing during December 2022.  Credential stuffing is when someone attempts to access an account with the login details from data breaches that are listed or sold on certain websites.

The targets and timing of the attacks seem like a well-timed and coordinated attack.  

There is a very important question in our minds, are password managers safe?  Should we place all our eggs in the same basket and leave the basket in a place where everyone can see it? 

It seems that many cloud services are not implementing some security solutions that most clients would expect they all have deployed with their services.  Poor security is not good for the service providers and it is not good for all of us using their services.

 

What can we do to stay protected? 

 

Over the years we have had many debates about password managers and alternatives. 

Most security experts agree that there is no perfect security solution and there is always a risk factor with all security services.  For that reason, the security solutions have been designed using security layers or fences.  Password managers are more secure every day, but they are visible targets for the bad guys.

 

The attacks against the password managers is not something new.

 

You should contact your service provider for specific advise regarding your service, if you suspect your account has been affected by any of the recent security incidents.

 

I can recommend a website to check whether any password was ever leaked in a data breach.  Passwords that have been compromised should never be used again, and for that reason we recommend to visit their site and find out if your passwords have any dangerous past: 

https://www.experte.com/password-check

 

Should you be using a password manager after these security incidents?  

 

Should we give away the responsibility of protecting our passwords to a third party or should we be responsible for protecting our passwords?

There are many ways to keep our passwords encrypted and protected away from public view.

How do you keep yourself accountable for all your passwords? 

There are good news, you can safekeep with encryption your own passwords without a password manager. 

If you need assistance to safekeep your passwords with a secured encrypted solution in your own network or your own devices, please call us now on to explain and then deploy the solution for you or your organisation. 

To discuss your business requirements, please contact us on +44 (0) 20 7101 1160.  Alternatively, please request a callback and we will be in touch ASAP.