LastPass is a very popular password manager and yesterday the company announced in its blog that it noticed unusual activity in its developer environment in what it describes as a security incident.
Access was gained through a single compromised computer and parts of its source code were stolen. The company says that no access to the encrypted username or password storage was gained and users should not have to change their passwords.
If you currently don’t use a password manager you should consider using one. Most have ways to generate very secure passwords and passphrases and to store them in a very secure manner. LastPass and Bitwarden both have plugins for Chrome so that you can autofill login screens with a single click of a button.
Make sure to follow good password practices:
- Use a different password for every site or app
- Make sure the password is complex. If you can remember it, it is probably not a good password.
- Do not write your passwords down
- Do not share your passwords
- Store your passwords in an encrypted vault such as a password manager
If you have any concerns about this or any other security issues, please get in touch.