LastPass security flaw identified


Mar 25, 2003
Reaction score
The topic of password managers came up on the forum today, as a recommendation for how users can keep track of multiple unique passwords. Well unfortunately users of the LastPass password manager have been advised to 'exercise caution' after a security vulnerability was discovered last weekend. Wired has more:

Google's Tavis Ormandy tweeted, on March 25, to say he had found the problem and was due to report it to LastPass so the company could fix the issue. Ormandy did, however, say the problem was a new one. Both Ormandy and LastPass will publish more details once the flaw has been addressed.

It isn't the first time flaws have been found in LastPass' code. Earlier in March, Ormandy told LastPass about a security vulnerability that could have allowed attacked to stream users' passwords. The problem arose by allowing hackers to access privileged LastPass system commands but the firm said it had not seen any evidence of the issue being used by hackers.

Read more here.

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question