LastPass users need to take steps to protect their online passwords from unwanted 3rd parties.
It was recently announced that LastPass, a password management service offered as a plug-in for Internet browsers, discovered a vulnerability in their system which compromises the security surrounding their users’ password data and information.
While no further information was given on the specific nature of the vulnerability or what it is capable of, users should consider using alternative methods of protecting their password information as LastPass works to correct the issue.
1) Enable Two-Factor Authentication
Two-factor authentication refers to a log-in method whereby users must present two or more pieces of information to verify their identity and credentials in order to gain access to their designated information.
For example, Gmail allows its users to enable two-factor authentication where users are asked to input their password which automatically generates a numeric code sent to their mobile device which they have to input in order to access their account.
The beauty of two-factor authentication is that the users must possess both pieces of information in order to access their account. In the Gmail example, if a hacker obtained your password but not your identification code, they would be not be able to break into your Gmail account.
PIN numbers, security questions, and RSA tokens are all examples of authentication mechanisms that users can pair with their passwords in order to have two-factor authentication.
In the wake of LastPass’ security vulnerability, it is recommended that users enable two-factor authentication on their online accounts when it is offered. This will help provide an extra layer of protection to your accounts.
2) Update Your Passwords
This is a timeless tip. Whenever your passwords are threatened, the safest thing to do is to change them. Consistently updating your passwords is a great way to proactively protect your online accounts as hackers looking for this information could be thrown off by its ever-changing nature.
The one caveat to keep in mind is if you choose to update your passwords and you are a LastPass user, do not put these updated passwords into Last Pass, at least for the time being. Due to the security vulnerability, this would defeat the purpose of keeping your passwords safe.
Weathering the Storm
While the extent of LastPass’ security vulnerability has not yet been disclosed, the fact that such a vulnerability exists should serve as a call to action for LastPass users to take the necessary precautions to protect their online password information.
Courtney Rosebush is a Marketing and Sales Coordinator at Triella, a technology consulting firm specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium sized firms. Courtney can be reached at 647.426.1004 x 227. For additional articles, go to www.triella.com/publications. Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Kaspersky Reseller.
© 2017 by Triella Corp. All rights reserved. Reproduction with credit is permitted.