I’m sure I am not the only one who saw this news from LastPass yesterday and almost had a heart attack.
LastPass Hacked, Change Your Master Password Now http://t.co/JoGNdlJcP6 > Oh CRAP
— Mitch Cohen (@curiousmitch) June 15, 2015
After reading and digesting the news (and changing my master password) I concluded that I am still more secure with LastPass than without it. I would also make that statement about any of the other popular secure password managers out there, I just happened to land with LastPass and am a satisfied user.
For those who are customers of other products, don’t be so quick to jump on LastPass, it was simply their turn now, clearly anyone in this space is going to be a target.
So I will continue to rest easy knowing my data is in LastPass for the following reasons
- They were completely transparent about what happened, explained it clearly, and immediately implemented additional security measures to protect their users data
- I have Two-Factor authentication enabled, so even if my master password was stolen (which it was not) I am still in pretty good shape
- I take advantage of LastPass’s feature which allows me to limit the countries from which my account can be logged in t0 (sure the United States is a big country and there are ways around this, but every little bit helps)
- I like the way LastPass has reacted to other security issues (like Heartbleed) where instead of using it as a promotional opportunity which is what some of their competitors did, LastPass released a tool to help you figure out which passwords should be changed immediately
I am infinitely more secure having unique, secure passwords for every site, than what I had before I went all in with LastPass, so I think I will continue to use LastPass and sleep at night.