The way security and privacy protection is now is fine for 90%+ of us. You have to just trust your safe, because the only alternative is stay off the internet. No one here can tell anyone EXACTLY what is being blocked at all times from the thousands or millions of places that want your data. Most users are basic users meaning basic security and privacy settings are more than enough for them. But don't say X browser is more secure than Y browser.
![is lastpass browser extension secure is lastpass browser extension secure](https://www.safetydetectives.com/wp-content/uploads/2020/07/LastPass_Review_5-1024x573.png)
#IS LASTPASS BROWSER EXTENSION SECURE PASSWORD#
However, it was possible to gain hashed user’s master passwords, email addresses, and password reminder questions via the exploit. Just pick which one you like better for how it improves your productivity, but again, I'd steer towards the established browsers unless you have a specific use for another like having an integrated VPN or adblocker or something. In 2019 Travis Ormandy, Google Project Zero researcher found the LastPass browser extension vulnerability, which could be used to steam user data. Both Bitwarden and LastPass are popular for their highly secure password-sharing feature.
#IS LASTPASS BROWSER EXTENSION SECURE FREE#
This isn't an I told you so moment, it's the truth. LastPass caught my eye with its free browser extension. You're lying to yourself if you think that. More than any other.īoth are also far bigger targets then the little guys poppin up claiming your data is safe, but no one is safe. Your passwords are never safe with any company, so I went with the biggest names because they have the bigger reputation to protect and bigger bankroll, where this other guys don't have that.
![is lastpass browser extension secure is lastpass browser extension secure](https://media.cybernews.com/2020/12/lastpass-chrome-extension-2.png)
I used LastPass when it first came out for a bit then stopped when I thought more about security. Concerned users should also consider changing their master passwords. It's important to note that none of the login attempts have penetrated LastPass' two-factor authentication, which you should probably already be using for any service that offers it. Some other attempts came from India, and at least one other came from Thailand. The site is connected to an IP address associated with more than one of the login attempts, which appears to be from Brazil. One theory on the forum suggests that someone is exploiting a LastPass browser extension vulnerability through an exceptionally well-crafted phishing site. Here’s how LastPass protects you and steps you can take to stay secure: /rcWSIo9Q1x UPDATE: To reiterate, we have no indication that #LastPass was breached or compromised. Some users on Hacker News say they got login notifications after recently switching to new, unique passwords. The company believes the credentials came from past unrelated service hacks. Others report getting email notifications of strange login attempts on newer active accounts.Īfter looking into the reports, LastPass released a statement claiming it doesn’t think the service itself was compromised. However, it does not appear to be isolated to defunct credentials. LastPass users on the Hacker News forum are reporting login attempts on old and inactive accounts. The password manager company claims these likely came from reused passwords uncovered from unrelated hacks, but some users disagree and have suggested various theories.
In brief: LastPass users began reporting login attempts from unknown locations using correct master passwords earlier this week.