LastPass Accounts Can Be 'Completely Compromised' When Users Visit Sites

Reader mask.of.sanity writes: A dangerous zero-day vulnerability has been found in popular cloud password vault LastPass, which can completely compromise user accounts when users visit malicious websites. The flaw is today being reported to LastPass by established Google Project zero hacker Tavis Ormandy who says he has found other "obvious critical problems". Interestingly, Mathias Karlsson, a security researcher has also independently found flaws in LastPass. In a blog post, he wrote that he was able to trick LastPass into believing he was on the real Twiter website and cough up the users' credentials of a bug in the LastPass password manager's autofill functionality. LastPass has fixed the bug, but Karlsson advises users to disable autofill functionality and use multi-factor authentication. At this point, it's not clear whether Ormandy is also talking about the same vulnerability.

FUCK MILLENNIAL SNOWFLAKES

All millennials suck. I hate millennial snowflakes. Just remember your damn passwords and you'll have no trouble. Fuck millennials and their lazy security. Die in a fire.

Re:FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

Remembering passwords is terrible security practice. It leads to password reuse, very weak passwords, written down passwords, forgetting to change your passwords at least yearly, etc.

Using a password manager is ideal. The problem is using LastPass specifically is dumb; it's proprietary and closed source, so nobody has any idea what's going on with those passwords, nor if the company behind it is using optimal security practices. It plugs into your browser, so the attack surface is basically your entire computer.

Use a FOSS password manager that store your passwords locally (i.e. does not connect to the Internet) and through an encrypted hash, like KeePass. LastPass is a bad idea on a number of levels.

Re:FUCK MILLENNIAL SNOWFLAKES

All millennials suck. I hate millennial snowflakes. Just remember your damn passwords and you'll have no trouble. Fuck millennials and their lazy security. Die in a fire.

Yea guys we millennials should remember our 200 passwords the same way the tech savvy Gen X people do...make them all the same! Or better yet, do what I already see everyone else doing and write them all in a notebook and keep in your top desk drawer. Sooo much better than us millennials and our lazy security...

Re: FUCK MILLENNIAL SNOWFLAKES

Actually, closed source software is better. If there's a vulnerability in open source software, anyone can look a the source code, find the security holes, and then exploit them. Closed source software is definitely far more secure.

Re:FUCK MILLENNIAL SNOWFLAKES

[sirber]

Keepass + Browser saved passwords, works flawlesly.

Re: FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

Actually, closed source software is better. If there's a vulnerability in open source software, anyone can look a the source code, find the security holes, and then exploit them. Closed source software is definitely far more secure.

... in other words, security by obscurity. That's not a discredited practice or anything.

Re:FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

All millennials suck. I hate millennial snowflakes. Just remember your damn passwords and you'll have no trouble. Fuck millennials and their lazy security. Die in a fire.

Yea guys we millennials should remember our 200 passwords the same way the tech savvy Gen X people do...make them all the same! Or better yet, do what I already see everyone else doing and write them all in a notebook and keep in your top desk drawer. Sooo much better than us millennials and our lazy security...

True story: somebody told me once that he made all of his passwords his social security number, because he was tired of remembering so many. If the site required letters in addition to numbers, he would suffix it with his initials.

Even more horrifying than that, his email address was his full name and birth year @ hotmail.com...

Re: FUCK MILLENNIAL SNOWFLAKES

You're a dumbass. But I expect nothing else from a millennial. Closed source is one layer of security along with memorizing passwords and encryption. Removing any layer of security is stupid. Opening up the source so anyone can find vulnerabilities and exploit them is as stupid as removing encryption and storing passwords plaintext. You millennial snowflakes really are pretty stupid.

Re:FUCK MILLENNIAL SNOWFLAKES

KeePass is not necessarily safer: http://www.harmj0y.net/blog/redteaming/keethief-a-case-study-in-attacking-keepass-part-2/

Re: FUCK MILLENNIAL SNOWFLAKES

And yet GPG is the de facto standard encryption library.

Re: FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

You're a dumbass. But I expect nothing else from a millennial. Closed source is one layer of security along with memorizing passwords and encryption. Removing any layer of security is stupid. Opening up the source so anyone can find vulnerabilities and exploit them is as stupid as removing encryption and storing passwords plaintext. You millennial snowflakes really are pretty stupid.

That's funny, I didn't know Bruce Schneier was a millennial. Oh well. Use closed source security solutions if you like. After all, why use something FOSS that you can patch in minutes when you can wait for your vendor to take their time and do it for you?

Re: FUCK MILLENNIAL SNOWFLAKES

[kruug]

If there's a vulnerability in open source software, anyone can look a the source code, find the security holes, and then exploit them.

If it's open source, there's also the possibility of looking at the source code, finding the security holes, and submitting a patch to close the hole. More eyes make problems shallower.

Re: FUCK MILLENNIAL SNOWFLAKES

No it's not. Only obscure, niche open source projects use GPG. It might be a de facto standard for how to be vulnerable, but that's about it.

Re:FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

KeePass is not necessarily safer: http://www.harmj0y.net/blog/re...

Why don't you read the article you quoted?

"To reiterate from the last KeePass post, KeePass is not “bad” or “vulnerable” – it’s a much better solution than what we see in many environments, and the developers did pretty much everything right when coding it (including strong in-memory protections and DPAPI). Still, some admins/companies sometimes tend to see solutions like this as a silver bullet, so one point of this post is to (again) show that practical attack vectors against KeePass and similar vaults are not unrealistic. Our intention is not to convince anyone NOT to use a password manager (we believe you definitely SHOULD use a password manager), but rather to combat the false sense of security it may give some users."

Besides, the attack they're using requires being able to access your computer's memory. If you're already compromised to that degree, you're pretty screwed.

Re: FUCK MILLENNIAL SNOWFLAKES

So what proprietary, closed library do you use?

Re: FUCK MILLENNIAL SNOWFLAKES

...After all, why use something FOSS that you can patch in minutes when you can wait for your vendor to take their time and do it for you?

Not everyone is Microsoft, the company fixed it overnight.

Re: FUCK MILLENNIAL SNOWFLAKES

[KingMotley]

No. It uses a standard, well known encryption algorithm - specifically https://en.wikipedia.org/wiki/... and https://en.wikipedia.org/wiki/... as stated here https://lastpass.com/how-it-wo... so the encryption technique isn't security by obscurity. That took a total of 10 minutes to find out, and that isn't what was broken.

Re: FUCK MILLENNIAL SNOWFLAKES

YHBT (twice). YHL. HAND.

Re: FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

No. It uses a standard, well known encryption algorithm - specifically https://en.wikipedia.org/wiki/... and https://en.wikipedia.org/wiki/... as stated here https://lastpass.com/how-it-wo... so the encryption technique isn't security by obscurity. That took a total of 10 minutes to find out, and that isn't what was broken.

I wasn't talking about LastPass, I was responding to the person arguing that closed source is inherently more secure.

Re: FUCK MILLENNIAL SNOWFLAKES

It uses a standard, well known encryption algorithm

Or so the salesperson claims.

Re: FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

...After all, why use something FOSS that you can patch in minutes when you can wait for your vendor to take their time and do it for you?

Not everyone is Microsoft, the company fixed it overnight.

But that's the problem. I have to *trust* that they'll proactively and competently fix security holes. That's the inherent flaw in proprietary security patches.

Re: FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

YHBT (twice). YHL. HAND.

I'm aware he's trolling, but if it gives me an opportunity to open up the discussion to people reading the thread, why not take advantage of it?

Re: FUCK MILLENNIAL SNOWFLAKES

[Archangel+Michael]

"Trust" is subjective. I have to "Trust" someone.

Re:FUCK MILLENNIAL SNOWFLAKES

It leads to password reuse, very weak passwords, written down passwords, forgetting to change your passwords at least yearly, etc.

Only if your memory is complete shit. Maybe you should lay off of the drugs.

Re: FUCK MILLENNIAL SNOWFLAKES

Using open source doesn't guarantee that you or anyone else will be able to or can be bothered to fix it. We are not all experts at every aspect of every open source software we use.

I would still opt for the open source password manager, but not for the reasons you are using.

Re:FUCK MILLENNIAL SNOWFLAKES

Human memory is complete shit, only a jackass member of Mensa who regularly engages in mental masturbation to worthless puzzles would think otherwise.

Re:FUCK MILLENNIAL SNOWFLAKES

Using any online service that requires a password to function is terrible security practice. It leads to password reuse, very weak passwords, written down passwords, forgetting to change your passwords at least yearly, etc. Just do everything involving money offline.

FTFY.

Re: FUCK MILLENNIAL SNOWFLAKES

I remember 30-ish unique 20-40 character long passwords. (Or rarely sub-10 for some crappy sites)
I can guarantee they'll not be brute-forced easily even with a dictionary file with only the digits / words / symbols I used. (I tried. Yes, properly)

It is trivial to create a simple password generator you can go over in your head or paper if you have crap memory for keeping a running counter going. (I'm not even that good at doing mental arithmetic)
The strongest pass(es) I have is up in the 100s, quadruple encrypted. (Important docs container)

Fact is, 20 random digits is inferior to 20 common English words.
Throw an uncommon (made-up preferred) word / digit in there and you shit on every single dictionary brute force.
Replace spaces with a number and it'll require several universes of computation.
Password leaked from a crappy host that never encrypted? Change the uncommon word. Done.
Password managers are stupid. Physics agrees.

Re: FUCK MILLENNIAL SNOWFLAKES

[tomxor]

"Trust" is subjective. I have to "Trust" someone.

But apparently the OP doesn't have to trust anyone... In which case I'm pretty sure that before using his computer he reads and comprehends every single one of the millions of lines of code that comprise his open source software stack before compiling and using it on his open source hardware which he has painstakingly verified with a TEM after going through the RTL source to make sure the fab wasn't trying to subvert his privacy.... All while being wrapped in a giant tinfoil snowball orbiting Pluto to keep away from those pesky TEMPEST spies.

I mean... yeah, you gotta trust someone when you use tech, whether or not it's open source you still have to trust people.

Re:FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

It leads to password reuse, very weak passwords, written down passwords, forgetting to change your passwords at least yearly, etc.

Only if your memory is complete shit. Maybe you should lay off of the drugs.

I take it you have 30+ instances of stuff like P8i*SDz=!E4i^\4#b}~A45kcHf^^S remembered?

Re:FUCK MILLENNIAL SNOWFLAKES

Why is that horrifying? It isn't me.

Re:FUCK MILLENNIAL SNOWFLAKES

[TechyImmigrant]

> store your passwords locally and through an encrypted hash

I'm a cryptographer and I don't know what that means.
If I presented the encrypted hash of my password to a web site, it would tell me my password is wrong.
The storing of a hash of a password, encrypted or not is the business of the authenticator at other end.

Maybe you meant to say: A password manager should encrypt, integrity protect and store you passwords locally.

Re: FUCK MILLENNIAL SNOWFLAKES

There are no guarantees. Does that really need to be said? Seriously? Open source certainly increases the probability of it being fixed though.

Re:FUCK MILLENNIAL SNOWFLAKES

[Xicor]

i try to have secure passwords for everything, but some of the things i have issues with are all of the changing requirements for each website, password length limits, etc. It is hard enough to come up with secure passwords that are different for every site that you can still remember. (usually involving some sort of algorithm that changes the password on a site-by-site basis but still is rememberable).

It is far more difficult to remember hundreds of passwords when 20 of them have a password character limit that is below 20, 20 of them have ridiculously long lists of requirements ranging from 'must be 8 characters or higher' to 'can not have any consecutive digits or consecutive characters' to even shit like ' can not use any special characters'

Re: FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

Using open source doesn't guarantee that you or anyone else will be able to or can be bothered to fix it. We are not all experts at every aspect of every open source software we use.

But that's the beautiful thing about open source. A bug is reported, and for whatever reason the maintainer won't fix it (incompetence, laziness, untimely death, etc.). You can recompile the project yourself with the fix. I did this very thing with a Thunderbird extension that the maintainer forgot about but broke with a new TB release; somebody left the fix in the reviews.

If Microsoft or some other company declares a project EOL, no luck in hell you're getting that fixed.

Re:FUCK MILLENNIAL SNOWFLAKES

[LichtSpektren]

You're right, I spoke with imprecision. Mea culpa.

Re:FUCK MILLENNIAL SNOWFLAKES

[Speck'sBacon]

And get off my lawn!

Expected

Well, that's the cloud for you. Stop connecting stuff that doesn't need to be connected.
The best firewall- route to null

Re:Expected

[Sneftel]

The exploit doesn't seem to have anything to do with "the cloud". Once you're logged in to LastPass and your vault is downloaded, password decryption and form filling happen locally.

Re:Expected

[LichtSpektren]

Well, that's the cloud for you. Stop connecting stuff that doesn't need to be connected. The best firewall- route to null

Hey, don't blame the cloud. I'll state on record that I store my passwords in the cloud. I have a KeePassX database that syncs via ownCloud. But decrypting the database requires both my master password, and a key file that I only store locally. So even if the ownCloud server's breached, my data is not in danger. (As an extra precaution, I also encrypt everything before I put it in my cloud folder, but that's just paranoia.)

The problem again is LastPass. Nobody knows if their security practices are any good, and the attack surface is huge.

Re:Expected

Jeezus. Child porn much? *Submitted to be added to watch list*

Re:Expected

[LichtSpektren]

Not at all. I don't do anything illegal that I am aware of. I just don't want hackers having all my passwords, and infosec is a hobby of mine.

Re:Expected

[Sneftel]

The problem again is LastPass. Nobody knows if their security practices are any good, and the attack surface is huge.

Well, their online security practices are relatively unknown, but they're also kind of beside the point. Yes, LastPass won't hand out someone's vault without some sort of authentication, but that's just fences around brick walls. The real means of security is in the client, which is the only part capable of decrypting the vault (decryption keys never being uploaded). The client source code is available and has been audited, so you can feel pretty good about that, short of the Ken Thompson hack or the possibility of the local computer itself being hacked (which, of course, would affect any password manager).

Re:Expected

I have your passwords

Re: Expected

LOL LOL I USE OPEN SOURCE SO I CAN'T BE HACKED LOL LOL

Look at me, I store all my passwords in the cloud, which can't possibly be hacked. I use open source, which can't possibly be vulnerable. Despite all the other encryption schemes that have been broken, I encrypt my passwords with one that will never, ever, ever be broken. I can't be hacked! LOL at all you Windows losers! I am 100% secure forever! LOL LOL! Yay for millennials like me! LOL!

Re: Expected

Strawman arguments are lies.

Re:Expected

[LichtSpektren]

The password manager shouldn't connect to the Internet in the first place. But you're wrong that the LastPass client is the only attack surface; somebody can compromise my account. And I don't know what the LastPass company (LogMeIn) does to keep my account information safe.

Re:Expected

[Asgard]

Compromising the account only gets them an encrypted blob -- only the client can decrypt it.

(Now, nothing says LastPass can't publish a subverted client, I've never heard how that is protected against).

Re:Expected

[Big+Hairy+Ian]

Just goes to show the only safe place to store your password is in your head!

Re:Expected

[LichtSpektren]

Compromising the account only gets them an encrypted blob -- only the client can decrypt it.

(Now, nothing says LastPass can't publish a subverted client, I've never heard how that is protected against).

Somebody can brute force your master password once they have your encrypted vault.

Re:Expected

[green1]

Then why give all your passwords to a third party in the first place? Seems like this is pretty much the expected outcome.

You're not supposed to use the same password on multiple sites, because if someone gets access to that password, they get access to all the other sites too. Thing is, by putting all your passwords in a keyvault behind a single password, you've done exactly the same thing!

If I'm going to make my passwords vulnerable by having one password that will get in to multiple sites, I'll do it the old fashioned way and use that password on those sites. It will be more secure than adding yet another website to be compromised.

Re:Expected

[SScorpio]

If a site has shitty password storage and is compromised that password is leaked and their are bots that try logging into other sites using the same credentials. By having different passwords for different sites you can prevent this.

There are password vaults that keep everything local if you are worried about security.

Re:Expected

[green1]

But this site DOESN'T keep it local, and that's exactly the point.

Re:Expected

[PRMan]

So, KeePassX sounds identical to LastPass, then.

Re:Expected

[Sneftel]

One generally uses a long, complex password for their password vault (which is fine, since you only have to remember the one password). This, combined with PBKDF2 backed by SHA-256 iterations, means that it's not realistically possible to brute-force the vault before the sun goes out.

Re:Expected

[VirginMary]

"One" might do that but what about "Two" or "Three"? Do they do that, too? I very much doubt it.

Re:Expected

They aren't getting your passwords. They are getting an encrypted vault of your passwords.

Re:Expected

[mrchaotica]

The difference is that using KeePass I can choose where I want to store the vault (in any random vendor's cloud or in no cloud at all), which means not only that I can pick the place with the security I prefer, but also that an attacker has a lot more places to look for it.

Re:Expected

[green1]

If you can decrypt it using a password, so can they. If you can't, you might as well use a random number generator instead of a keystore.

Re:Expected

[Sneftel]

I have no idea. Probably not. They probably use "password1" for all their sites. Whom shall we blame for that?

Re:Expected

[vux984]

One generally uses a long, complex password for their password vault (which is fine, since you only have to remember the one password).

No. One does not. Because one needs to repeatedly enter that password in everytime one access anything, from as menial as slashdot to as important as one's bank.

Plus one needs to be able to enter it on a smartphone too; again... repeatedly.

Remembering a long complex password is easy. Repeatedly entering it over and over and over again is painful. So the practical length of most people's vault key is relatively short.

So while my bank password is long and complex and random, and i don't even know what it is; my vault password is shorter and easier for me to remember and use.

So my bank account and so forth is secure from bruteforce attacks directly on it, as well as immunity from password re-using since each is random.

My vault is relatively secure, you'd need to get a hold of it from me; and the vault password is relatively secure, but its not a 200 character pass phrase... simply because I'd go mental entering something like that in over and over again... or on a smartphone.

I've actually mitigated it a little bit as I use different vault files for different passwords, so I've actually got a couple vaults; and the vault the bank account is in is harder than the junk account vault, but while its better its still not ideal.

Re:Expected

[jgriffith325]

I don't doubt it. Why would someone who uses short, simple passwords be using a password manager in the first place?

Re:Expected

There are password vaults that keep everything local if you are worried about security.

I keep my KeePass database in a Truecrypt partition which gets uploaded to a zero-knowledge cloud backup (BackBlaze). Good luck getting through three different encryption protocols - each with their own STRONG password. Two layers if local machine and if I'm compromised on my local machine I'm already screwed with or without the KeePass database.

Frankly I'm more worried about a $5 wrench these days than somebody compromising my password database.

Re:Expected

[Swave+An+deBwoner]

Eve would blame Bob and Alice.

Re:Expected

[SScorpio]

And it's still better than your terrible example of using a single password for all sites. Sites HAVE been hacked, other sites HAVE been logged into via bots because someone used the same credentials on multiple sites.

LastPass only stores an encrypted blob. Any decoding is performed client side.

Re: Expected

In that both are places to store passwords, sure. Other than that, not really.

With LastPass, you have to pay a subscription to use their service. They upload your password file to their servers, encrypted with a password that they don't store. I don't use their service, so I can't say for sure, but presumably you have an account password and a password to decrypt the DB. They store an encrypted hash of the account password to use for authentication purposes. Once your account is authenticated, they give you the DB which you can use the second password (which they don't store any form of) to decrypt it.... But the key point here is that your password database resides on their servers.

With KeePass, you use the software (downloaded for free) to create an encrypted database file. You can choose to protect that only with a password, or a separate key file, or a Windows account... Or any combination of the above. You can also choose what to do with they database... Only store it on an encrypted USB stick, use cloud storage (eg, DropBox), host it on a private server attached to the Internet behind sofiaticated IDS on an obscure port, or post it on Facebook. How well you protect the file is up to you.

Myself, I use KeePass with a password and a key file. I keep the database in sync with my multiple devices using DropBox... But the key file has never been on the Internet. When I put it on my phone (which is encrypted itself), I used a USB cable. I have multiple databases, one of which I share with my wife via DropBox, but each has its own password and key file.

I'm posting anonymously for the obscurity. I know that security through obscurity is not really security... But obscurity can certainly be a layer in your security.

Re:Expected

[green1]

And now there's one more site that can be hacked, and it will provide an "encrypted blob" that the attacker can easily decrypt and get your password for EVERY site, not just a couple.

Password managers that have ANY online component are a massive security breach. You'd be more secure using the same password you use for your password manager on all those sites independently, same password will compromise everything (no different from if the password manager is compromised) but you only have N sites that can be compromised instead of N+1 (+1 being the password manager site)

cloud password vault is vulnerable

[fustakrakich]

Yeah most vapor is easily penetrable. Imagine what would happen to an airplane if it wasn't.

Would it really be incorrect to assume that keeping a local text file with your passwords is quite a bit more secure than anything in the Cloud?

Re:cloud password vault is vulnerable

Not from a storage standpoint. Lastpass does encryption locally so nothing cleartext is ever transmitted over the wire or stored in the cloud. However, that says nothing of the strength of their encryption or if it has a backdoor, nor the security of the addon itself or the browser.

Re:cloud password vault is vulnerable

[cdrudge]

Would it really be incorrect to assume that keeping a local text file with your passwords is quite a bit more secure than anything in the Cloud?

How do you access your locally kept text file when you're not on your local desktop? That's the advantage that a cloud-kept password gets you. Of course it comes with the disadvantage that it may be more vulnerable, so some might say that the disadvantage isn't worth the advantage.

Re:cloud password vault is vulnerable

[fustakrakich]

How do you access your locally kept text file when you're not on your local desktop?

Oh c'mon... Do I really need to spell out where you can keep a local copy?

Re:cloud password vault is vulnerable

[cdrudge]

So you're going to keep a local copy on your work computer, and your home desktop, and your cell phone, and your tablet, and your friend's computer, and your...

Re:cloud password vault is vulnerable

[fustakrakich]

You've gone off the "deep end" with the absurdities there, buddy. You work for the IOC?

*sigh* I guess I do have to spell it out... Keeping it on my cell phone should be sufficient, wouldn't you agree? I mean, you know, I usually have that one with me, even when I'm on the shitter.

Re:cloud password vault is vulnerable

[mrchaotica]

Reading my 30-random-character password off my cellphone and manually typing it in to my desktop is not my idea of a good time. Therefore, I use keepass and store the database on a cloud drive sync'd between systems so I can copy-paste on each.

Multifactor authentication is a datamining scheme

The entire "2FA" concept is simply an info grab masquerading as security theater. In what way is it supposed to improve my security by A: Giving a piece of information that is NOT strictly need-to-know to to some random weirdo on the Internet, and B: Tying the security of that thing to said third-party service?

This is not security. This is simply an attempt to grab information masquerading as security theater. Real security has always worked based on the premise that a piece of information exists that is known only to two parties. We call this a "password". If one is not good enough, you can add a SECOND password. This avoids the involvement of any third parties which can add more holes to the chain. It's quite common, for instance, for sites to include a security hole: That this password process can be bypassed through a "reset" procedure that essentially invalidates the entire security system and pushes the ultimate security off to some third-party site. Are THEY secure? Who knows...but probably not, since now you have all that information funnelled into that one email. It's a common practice upon compromising an email account to attempt to initiate a password recovery for that email account on any interesting sites to see if you get any recovery mails to them.

At that point your email-based "2FA" is totally worthless and more of a liability than if it was simply a non-automatically-recoverable password that wasn't stored anywhere, with no record of any association with an email address. Throwing in "phones" is even more obnoxious, because A: Not everyone has or desires to have a phone, as phones are a security breach that allows third-parties to remotely track and monitor your physical location at all times, and B: Phones are easily lost or stolen.

I think it's reasonable to say that I'm regarded as one of the more paranoid people around, and I say this entire business is simply a scam. They just want to steal your phone or another email so they can spam you.

Is this a joke?

cloud password vault

You have got to be fucking kidding me. Whose idea was that? Even if you do a good job of it, it's still going to be an over-the-top, in-your-face, obviously stupid idea, self-parodying on the face of it.

Part of me insists that, therefore, this product must not have any users anyway.

And the other part of me knows that everyone-except-me is probably using it, because I live in a world gone mad. WTF is wrong with you people? Do you ever think about anything?!?

Re:Is this a joke?

[Troed]

People who don't understand encryption thinks it's a bad thing.

People who understand encryption shrug their shoulders. I don't care the slightest where my encrypted blobs of data end up.

It looks like the best system for my needs...

[wiredog]

...is a notebook with usernames and passwords written down in it. Primarily because any system I use has to work on Linux, Mac, Windows, iOS, and Android.

I don't actually write down the password, but a description of it. "Usual, first letter cap, +9*3, without old First Sergeant's name" type of thing.

Not exactly...

[myowntrueself]

The headline says 'Lastpass accounts can be completely compromised'.

But this isn't a method of getting the Lastpass account password itself, its a way of getting passwords for specific sites that the malicious site is trying to get passwords for.

That isn't 'completely' compromising the Lastpass account.

Re:Not exactly...

The headline says 'Lastpass accounts can be completely compromised'.

But this isn't a method of getting the Lastpass account password itself, its a way of getting passwords for specific sites that the malicious site is trying to get passwords for.

That isn't 'completely' compromising the Lastpass account.

I would guess based on the description you would have to compromise one stored credential at a time as well.

Re:Not exactly...

[execthis]

Thank you for the sanity. So many derisive and uninformed posts, so much schadenfreude being shoveled out, and not enough basic factual information.

Another thing to consider is that a lot of sites seem to be designed that you can't just autofill to login. Nowadays you have to first click a login link which causes a dropdown form to appear.

I have to ask myself, of the say 10 most frequent sites that I use Lastpass to login to on a regular basis, could any other sites I've visited be ones attempting to maliciously impersonate those sites and steal my credentials? The likelihood is very small.

Re:Not exactly...

[Rolan]

Not to mention that it's not a zero-day.... The vulnerability has already been patched and the patch pushed to users.... Of course, if it's not a zero-day and it's not "completely compromised" it's a lot less interesting.

Re:Not exactly...

[mrprogrammerman]

Why not pretend to be lastpass.com and just get the lastpass credentials and then you get all the passwords?

What's the answer?

[wcrowe]

Remembering lots of passwords is not possible for most people.

Keeping all the passwords the same is not smart.

Using a password vault seems logical, except that any such vault is a huge target for hackers. Certainly any vault in the cloud is just a disaster waiting to happen.

Two-factor authentication is probably the best solution -- unless your phone is at the bottom of the river, or your employer puts you in a spot where phone service is non-existent, like the basement. Of course, for those of you who are doing everything via phone, these two arguments don't apply.

No method is perfect. In the end, each of us are left to work things out as best we can.

Re:What's the answer?

[jon3k]

Two-factor authentication is probably the best solution -- unless your phone is at the bottom of the river, or your employer puts you in a spot where phone service is non-existent, like the basement.

Some services (ie Google) allow you to have a backup phone number. So my advice is buy yourself a cheap Android phone with a pay as you go SIM just for these types of situations. It's cheap insurance. Some people even use a freedompop sim which is totally free. So $50-$100 onetime cost for the phone and $0 monthly cost.

Re:What's the answer?

[execthis]

Thank you for that information. I think the upside of this is that maybe it will prod people to take two-factor authentication more seriously.

By the way, never saw 21:19 before. I love it. Reminds me of 17.1.

Re:What's the answer?

[wcrowe]

The thing I personally dislike about two-factor authentication is that I have to give a bunch of people I don't even know, my phone number. However, it would be tempting to get a cheap feature phone just for this capability.

Ha! 17:1 is truly wise. I not only love 21:19, I lived it, for 19 years. :-)

Re:What's the answer?

[wcrowe]

Yes, getting a cheap feature phone just for this purpose is very tempting. That's a good idea.

Re:What's the answer?

[eheldreth]

SMS verification is a form of 2fa. Not all 2fa is SMS based. In fact SMS is generally regarded as weakest and least desirable form of 2fa. TOTP is much better and can be done with a phone based client like Google's. I use a combination of TOTP, hardware token based 2fa depending on what the site supports. All sites should be prodded to support hardware token based 2fa.

Read about FIDO U2F to better inform yourself of the options that exist and where things should be heading.

Re:What's the answer?

[green1]

Keeping all the passwords the same is not smart.

Using a password vault seems logical, except that any such vault is a huge target for hackers. Certainly any vault in the cloud is just a disaster waiting to happen.

And therein lies the problem.
For a password vault to work, there has to be a way to access it. To secure it you need something like a password. So now you have one password that gets you in to the password vault, which then has the passwords for everything else.

This is no more secure than just using that same password on every site, in fact it's probably less secure as you now have one more site that can be compromised.

Re:What's the answer?

[wcrowe]

That was informative. Thank you.

Why not a password hasher?

[ma++i+ude]

Password managers seem like an inherently terrible idea, particularly onlines ones.

Can someone explain to me why password hashers are not more common? I've used one for years and really can't understand why nobody else does. Take the master password, append (a portion of) the site's domain name, and hash to arrive at a random password. There's only one password to remember, you get a unique strong password for every website, and everything can be done offline without storing anything anywhere. There are extra refinements to create new passwords to replace e.g. compromised ones, or conform to the site's password length and other requirements, but they are trivial. Extensions are available for browsers and mobiles.

Re:Why not a password hasher?

[AmiMoJo]

Because password hashers are no more secure than password managers that auto-generate long random passwords. If an attacker steals your master password they still get everything. Due to the requirement to meet password length and other requirements, and to allow for changing compromised passwords you still need a file containing those details. There is no benefit over simply encrypting that file with the master password.

You are right about online password managers though, they are an absolutely terrible idea as multiple Lastpass breaches go to show. Use an offline password manager, optionally storing the encrypted file in the cloud if you need it to be portable, but with all the decryption happening outside your browser.

Re:Why not a password hasher?

[ma++i+ude]

If an attacker steals your master password they still get everything.

True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm. Obviously keeping this one master password safe is extra important, but as you only need to remember one, you can probably afford to give it a bit more entropy.

Due to the requirement to meet password length and other requirements, and to allow for changing compromised passwords you still need a file containing those details. There is no benefit over simply encrypting that file with the master password.

Except this file does not need to be secure in any way.

Re:Why not a password hasher?

Randomly generated passwords are more secure than ones based on fixed values that are hashed without salt.

Of course, you're right that online password managers are not secure.

Re:Why not a password hasher?

[LichtSpektren]

A password vault like KeePass can utilize both a key file and a master password. Even if my password is keylogged, I have another layer of security insofar that the attacker needs to also be able to access my local drive. The hasher doesn't have this sort of 2FA.

Re:Why not a password hasher?

[AmiMoJo]

True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm.

Exactly the same as an offline password manager, so no benefit.

Except this file does not need to be secure in any way.

It does. If someone has your salt and the URL of the site, and say that site gets compromised so they have the hash of your hash too. Now they can brute force your master password, and then get into every other site you used it with, and your file has a handy list of URLs where it will work.

It's actually worse than using the master password to encrypt the password file. It's less convenient too; with an encrypted file you can store the user name, secret question answers etc.

Re:Why not a password hasher?

[ma++i+ude]

True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm.

Exactly the same as an offline password manager, so no benefit.

Right, compared to an offline password manager there's no security benefit. I use KeepassX for a few high-security things like financial accounts, but find offline password managers much less convenient for everyday stuff. With a password hasher you can use a JavaScript version from anywhere. (Yes, keyloggers would be an issue. And I host my own copy to make sure it's not backdoored.)

Except this file does not need to be secure in any way.

It does. If someone has your salt and the URL of the site, and say that site gets compromised

...or they are the site owner...

so they have the hash of your hash too. Now they can brute force your master password, and then get into every other site you used it with, and your file has a handy list of URLs where it will work.

First of all, in practice I don't back up the settings file anywhere, as almost all sites work fine with the default settings and the ones that don't I either remember or just reset the password for if required.

Having said that, your point is valid but not an actual concern for me. If someone wanted to waste lots of CPU power brute forcing my (long, random, high security) master password, they probably could do so. But just never reusing passwords is generally enough to limit the damage of the inevitable database leaks and hacks, which is the actual, realistic threat we're dealing with here. Never using the same password twice is the most important protective measure you can take, and hashing is, imho, the most frictionless way to do it.

You could also choose to limit any potential damage by having a few master passwords for different classes of websites.

Re:Why not a password hasher?

[green1]

If you have to have a file on your local drive, what's the benefit to the cloud portion?

And if the cloud portion allows you to download the file you need locally to a new machine, what's the benefit to the file on the local machine?

I'm sorry, one way or the other it's a stupid idea.

Re:Why not a password hasher?

[SScorpio]

The key file doesn't change, the password vault file will change as you add and change passwords.

You manually copy the key file locally to any device you want to be able to open the vault.

The vault itself is synced via a cloud service so all devices can access the latest passwords.

If someone were to get into your cloud storage they could get the vault, but not the key.

This method doesn't protect against locally exploited or physical access, but it stops online security breaches.

Re:Why not a password hasher?

[SScorpio]

Say there is a security breach and you are forced to update your password. With your hasher you now need to update every single site to use the new password.

With a password vault with unique passwords for every site you change the password for that single site and you're done.

Re:Why not a password hasher?

[PRMan]

Multiple LastPass breaches that have never affected me in the least? There are different levels of breaches. I'm sure that somebody stole my password vault from LastPass at some point. I am also sure that they haven't cracked it yet, since my master password is not simple.

Re:Why not a password hasher?

[green1]

So, as I suspected, there's no reason to have the cloud portion, you're better off just having the passwords stored locally as it's MUCH more secure.

Re:Why not a password hasher?

[ma++i+ude]

Say there is a security breach and you are forced to update your password. With your hasher you now need to update every single site to use the new password.

No, you have at least two options:

1. Change the site tag. For example, on the Password Hasher Chrome extension, you can hit the "Bump" button which replaces "slashdot" with "slashdot:1" and gives you a new unique password. The new tag gets stored in the extension settings. I don't use this but it works, and would be good for sites that actually require periodic password updates.

2. Change your master password for that site only. I use a completely different master password for the two or three sites which I know may have been compromised. It's not hard to remember which ones these are.

Re:Why not a password hasher?

[Isao]

Because it reduces security. You are then using the same password on every site. (Since the other component of the hash is known.)

Re:Why not a password hasher?

Typical false sense of security. If your password can be keylogged, then the attacker trivially can and will also download the key file.

Re:Why not a password hasher?

No, the key file never needs to be updated but you often need to update your passwords, so the cloud part allows your passwords to sync regularly.

Re:Why not a password hasher?

[Khyber]

"Even if my password is keylogged, I have another layer of security insofar that the attacker needs to also be able to access my local drive"

If there's a keylogger on your system, your hard drive is likely compromised as well, given how most malware works now days.

Re:Why not a password hasher?

[chihowa]

With the first option, you introduce the need for some state information that you need to store and forever be able to retrieve (and possibly sync between your other devices). You now need a persistent database and you've lost any advantage over just encrypting random passphrases.

The second option starts to move you away from the simplicity or having a single passphrase to remember and eventually leads to just as complicated a situation as just memorizing different passwords for different sites. What happens as the list of compromised accounts increases and some accounts are compromised a different number of times?

Re:Why not a password hasher?

[ma++i+ude]

With the first option, you introduce the need for some state information that you need to store and forever be able to retrieve (and possibly sync between your other devices). You now need a persistent database and you've lost any advantage over just encrypting random passphrases.

Well, maybe. But this state is not highly confidential so you can for example let Chrome store it in the cloud. In practice the number of times a password change is required is small (at least for me), so you can either brute force it (bump until you find the right password) or reset your password if this happens.

The second option starts to move you away from the simplicity or having a single passphrase to remember and eventually leads to just as complicated a situation as just memorizing different passwords for different sites. What happens as the list of compromised accounts increases and some accounts are compromised a different number of times?

Again I see your point. But I've used this system for close to a decade now and I'm only using two master passwords so far. How many passwords have you memorised in the last ten years?

I should emphasise that I wouldn't recommend using this system for everything. I have a completely different set of passwords for banking, and servers I administer, and certain other high-security things. But for general web things I access from home and work, desktop and mobile, coffee shop and library, it works really well and addresses all of the real life threat scenarios I care about. Even if I have to register a throwaway account for a throwaway website, I can still give it a real, strong password that I can recover any time later, even if I don't remember registering for that site. (For full disclosure, the only time the algorithm actually fails is when a site keeps its user database but changes its domain. Then I'll have to remember to update the site tag to the old domain.)

Re:Why not a password hasher?

[chihowa]

I actually like your hash system quite a bit, which is why I'm trying to poke holes in it!

I haven't had to change passwords often and I keep them in an encrypted database instead of memorizing them. I've lost the entire database or some of the entries in the past, so I like the idea of being able to reconstruct the passwords without needing an encrypted list of them. I'll be keeping the encrypted database anyway, because I store other information in it, but generating the passwords with the hash method could make the whole thing more resilient to unexpected data loss.

Re:Why not a password hasher?

"Use an offline password manager, optionally storing the encrypted file in the cloud if you need it to be portable, but with all the decryption happening outside your browser."

OMFG, that's exactly what LastPass is dumbass, except they host the "cloud" that stores your encrypted file. /shakes head/

Re:Why not a password hasher?

[SScorpio]

Again I see your point. But I've used this system for close to a decade now and I'm only using two master passwords so far. How many passwords have you memorised in the last ten years?

Less than a half dozen. One for the password vault, encrypted phone unlock, PC login, work login and one or two others I'm forgetting. The rest are all just random unique passwords per site.

One issue I see with your hash is using it for sites that have piss poor password policies such as your password can't be over X characters long, or it has to contain letter, number, and limited list of symbols, etc. Your hash could possibly not match the requirements. What do you do in this case?

Re: Why not a password hasher?

The cloud portion allows you to keep the database in sync across multiple devices... So why you create a new account or change a password on a site, you can still look it up using your phone. It does not (by itself) allow you to access your passwords on a new device (if you set it up right).

I have a key file in addition to my password. That key file has never been online. When I put it on a new phone, I use a USB cable to copy it directly to the (encrypted) phone. To a new computer, I typically use my memory stick, but have used SCP.

Re:Why not a password hasher?

[ma++i+ude]

One issue I see with your hash is using it for sites that have piss poor password policies such as your password can't be over X characters long, or it has to contain letter, number, and limited list of symbols, etc. Your hash could possibly not match the requirements. What do you do in this case?

The final step of the hashing algorithm maps the resulting hash into a character string. The algorithm allows you to customise this mapping to use only a given subset of characters, or given length. Using this feature will require you to store this metadata in your state file, because you rarely get reminded of these password limitations at login, only at registration. Fortunately these sites are rare; the default policy of 8 characters with alpha + numeric + special – and the algorithm makes sure you have at least one of each – works fine for almost all sites.

I encourage you to download and try one of the implementations. The two I mentioned earlier implement the same algorithm, as does a Firefox version and a portable Javascript version.

Password managers be like

Password managers be like, yo all eggs, meet one basket, dig?

Same vulnerability every password manager has

[Kinwolf]

So lastpass can be tricked to think he is on the real twitter page. Newsflash, so can a human. So the human will also enter his password on that page, no matter the password manager he use.

Re:Same vulnerability every password manager has

As the maker and long-term shareware distributor of a lesser known password manager, I wholeheartedly disagree.

Password managers can be secure, as long as they don't use browsers for anything. It's also a bad idea to store passwords on Android phones, of course, but desktop PCs and iOS should be fine, as long as no browser is involved.

Re:Same vulnerability every password manager has

[KingMotley]

Stop trying to dismiss terrifying news articles by using common sense.

Re:Same vulnerability every password manager has

[AmiMoJo]

It's a slightly different problem. Imagine a site with a hidden login form that impersonated Twitter and made Lastpass auto-fill your Twitter username and password. So at a minimum you should disable auto form filling in Lastpass.

Now imagine an ad network serving up this malware to millions of people.

Where is the Bad Summary Tag?

[Aero77]

This problem isn't specific to LastPass. If a bogus site is masquerading as the real site, any system that doesn't have extensive site validation checks will fail, including and especially, remembering passwords.

Re:Where is the Bad Summary Tag?

[LichtSpektren]

This problem isn't specific to LastPass. If a bogus site is masquerading as the real site, any system that doesn't have extensive site validation checks will fail, including and especially, remembering passwords.

The vulnerability isn't just phishing somebody's login. It's exploiting a bug in the LastPass client that allows you to compromise the user's account after phishing for just an individual site password.

Long Since Patched by LastPass

[tylenool]

This article is nothing but a sensationalist headline. The concept and reading through the guys process were great, but he did alert LastPass prior to posting and collected $1000 as a bounty.

Re:Long Since Patched by LastPass

It is not sensationalist at all. People who write code like that have no business writing security-sensitive software like a password manager.
(And yes, in case you read the article and couldn't believe the developers would be so bone-headed, it is unfortunately true, that was actual LastPass code.)
So they fixed this particular problem. How many more horrors are lurking inside? How many will they unwittingly add in the future?
People who are so unbelievably incompetent cannot be trusted with security, it's that simple.

Re:Long Since Patched by LastPass

[110010001000]

You are right. No big deal. Only before he collected $1000 all of our passwords were compromised. No big deal. Good thing everyone updated too. If not, no big deal. He got $1000.

Clickbait Title

[michaelcole]

"Note: This issue has already been resolved and pushed to the Lastpass users."

Yes, it's important, but the title's present tense is a lie: "LastPass Accounts Can Be 'Completely Compromised' When Users Visit Sites "

Re:Clickbait Title

TFS is talking about 2 different vulnerabilities. Tavis' hasn't been patched yet, Karlsson's has

Good but Not Good Enough

Keepass, period, on a local machine and/or an encrypted USB stick. Don't save anything in a browser even one of the "majors" because it is the doorway to the Internet and *will* be hacked from time to time. What's really annoying is AV makers hacking the browsers to make them worse but that's another story.

Remember, if it's "in the Cloud" it's in somebody else's computer and they or whoever hacks them has access to your stuff. Take suitable precautions.

There was a recent story about the EU doing a security audit on Keepass. That should be interesting...

Journalism

So you're telling me a site like The Register just wrote a 100-word piece on someone's tweet, without any kind of actual details... and called it a ZERO-DAY? Let me remind you that a zero-day is a security flaw used in real-world attacks, not a vulnerability discovered and properly reported to the software owner. Otherwise, Bugcrowd and HackerOne will be filled with zero-days. This is just a GOD DAMN bug report.

Solution: Use the right OS

[lky]

Seems to me this very problem is what operating systems like Qubes were designed to address.

Since you can run the browser in two different environments for different purposes, it is possible that you only have Lastpass accessible when you're visiting trusted websites and you use the browser in the "untrusted" environment which does not have access to Lastpass when you surf random sites.

Then for someone to use this method to get your passwords, they have to hack a website you consider trusted.

Problem solved in a way that allows for the inevitable bugs and flaws in each app.

https://www.qubes-os.org/

Go cloudless

A dangerous zero-day vulnerability has been found in popular cloud password vault LastPass

Here lies the problem. Don't store confidential data (and especially your passwords) on the frickin cloud.

Sweet.

Since nobody is ever born this brand new to use it.

Re:Multifactor authentication is a datamining sche

Idea of two factor is to have a knowledge based key and a physical key. A perfect physical key makes remote attacks impossible, which is nice. Authenticators are leveraging the fact that pRNGs aren't random. With a known seed, you can predict the output of a given algorithm. Since the seed only needs to be shared once (the rest is just time-syncing) and it can be arbitrarily long, it's pretty secure. Dynamic is preferable to static (debit card, keyfile, etc) because of things like replay attacks.

You can get an authenticator dongle that could never track your location, if you're concerned. Easier to monitor an app's web traffic though. E-mailing is weird. Changes it to two knowledge based keys, and two passwords isn't more secure than doubling a single.

BLANK ATM CARD

BE SMART AND BECOME RICH IN LESS THAN 3DAYS Are you living a poor life,then here is the opportunity you have been waiting for. Get the new ATM BLACK CARD that can hack any ATM MACHINE and withdraw money from any account. You do not require anybody's account number before you can use it. Although you and I knows that its illegal,there is no risk using it. It has SPECIAL FEATURES, that makes the machine unable to detect this very card,and its transaction is can't be traced . You can use it anywhere in the world. With this card,reach the hackers via email address :Benhookson@hotmail.com or contact with this mobile number:+447031909657.