LastPass Drops Premium Requirement for Mobile Apps

Subject: General Tech | November 6, 2016 - 02:11 AM |
Tagged: lastpass

If you're using the free version of LastPass to guard your passwords, you can now access your vault through the mobile app for free. Previously, a subscription to LastPass Premium, which is about $12 per year, was required to use the service outside of desktop browser extensions and the website. The subscription service still exists, but for its other benefits, like sharing your vault with up to five other users, two-factor authentication through YubiKey, or securely storing 1GB of files (which could be good for things like encryption keyfiles to personal web servers).

lastpass-2016-logo.png

The native Windows “LastPass for Applications” is still Premium-class, though.

If you are still interested in LastPass Premium, they are participating in the Humble Lifehacker Software Bundle. Users who do not currently have LastPass Premium, who also pay more than (currently) $7.64 USD, will get 12 months. They will also get DisplayFusion and CyberGhost VPN, as well as everything in the $1 tier, like a couple of Stardock enhancements for Windows.

Source: LastPass

Potential LastPass Break-in Disclosed by LastPass

Subject: General Tech | May 5, 2011 - 06:05 PM |
Tagged: security, lastpass

One of the most important parts of security is authentication. A lot of our methods of authentication online revolve around passwords. There is an expectation these days that you are required to remember large passwords composed of completely random characters including numbers and symbols each unique from each other in the event that one source compromises the password you provide it. This necessity confronts our human nature of having terrible memory. Many programs have made attempts at solutions by storing and generating secure passwords for you.

lastpass.png

                           ^second

LastPass is currently one of the most popular platforms for that such need. Wednesday, Lastpass announced on their blog that they have noticed on odd behavior on Tuesday morning in their network traffic without being able to track the source. The security firm claims that while they are unable to tell if user data was compromised that there was a possibility that their list of user email addresses and the corresponding salted and hashed, an algorithm designed to encode data in a way that is almost impossible to ever decode, passwords. Passwords are hashed since the server does not need to know what the password is, only whether it is the same as what was input by the user, so storing the password itself is just asking for trouble in case of intrusion.
 
LastPass is claiming that they will require their users to change their master password especially in the event that your LastPass password is easily guessed. Currently I have not received such notification on my account but comments on their blog suggest that some have been notified of this requirement. If anything this potential break-in illustrates just how hard actual security is and how much of a concern it should be for the general population at all times that valuable information is being handled.