Regular readers of this blog and my Daily Tech Tips Newsletter know I’m always warning everyone about the grave dangers of using any type of password manager.
If you’re unfamiliar with the warnings I’ve issued in the past you’ll find them right here.
Well, LastPass just suffered yet another successful hack attack, and for the first time the hackers managed to steal tons of user data – including actual encrypted customer password vaults.
That means if the hackers somehow manage to get those users’ master passwords they’ll have immediate access to the password for every account those users have.
That’s the problem with putting all your password “eggs” into one basket. If the basket get stolen (like LastPass’ customer password vaults) every “egg” (i.e. password) you own could end up getting compromised.
The naysayers will say “But they still need your master password!). And they’re right.
But think about this…
Have you ever had one of your passwords get compromised? Or even more than one?
Chances are, the answer is yes. If the next password that gets compromised is the master password…well, you know.
Truth be told, passwords get compromised every day, even for folks who are careful and diligent. After all, things happen.
It’s much better to have the password for just one account get compromised than the one that unlocks all of your accounts in one fell swoop. But can you guarantee that the one that gets compromised isn’t the master key to the password vault’s lock?
I won’t chance it. Hopefully you won’t either.
All it takes is one mishap to ruin an entire digital (and likely financial) life.
After every breach LastPass tries to reassure their users that the latest hack was no big deal because of the way the LastPass system works. And for the most part, they’ve been successful in those attempts.
But here’s the thing: Every hack results in the hackers getting deeper into LastPass’ systems and stealing ever more sensitive info. And this last one was a doozy.
I’ve said it before and I’ll say it again: Using ANY password manager puts your entire digital life at risk.
When the big one comes (yes, that’s when, not if), there are going to be a lot of unhappy users who just found out that every password to every account they own is now in the hands of a hacker.
And by the way, before you accept LastPass’ latest “Yeah, it was bad, but not really that bad” line, you might want to read these news reports:
It’s just a matter of time, folks. And it appears that the time is drawing ever closer. I’ll say it one more time…
Using a password manager puts your entire digital life at risk. Just sayin’.