LastPass security flaw identified

Becky

Webmistress
Joined
Mar 25, 2003
Messages
7,424
Reaction score
1,511
The topic of password managers came up on the forum today, as a recommendation for how users can keep track of multiple unique passwords. Well unfortunately users of the LastPass password manager have been advised to 'exercise caution' after a security vulnerability was discovered last weekend. Wired has more:

Google's Tavis Ormandy tweeted, on March 25, to say he had found the problem and was due to report it to LastPass so the company could fix the issue. Ormandy did, however, say the problem was a new one. Both Ormandy and LastPass will publish more details once the flaw has been addressed.

It isn't the first time flaws have been found in LastPass' code. Earlier in March, Ormandy told LastPass about a security vulnerability that could have allowed attacked to stream users' passwords. The problem arose by allowing hackers to access privileged LastPass system commands but the firm said it had not seen any evidence of the issue being used by hackers.


Read more here.
 
Back
Top