Posted by on April 6, 2017

LastPass Worries

lastpass-blog-article-screenshotLastPass Worries: a reader asks…

I use your recommended LastPass password manager. Do I need to worry about security vulnerabilities? I read that several security vulnerabilities were discovered with LastPass. Should I switch to another password manager?

LastPass advised users of an existing potential vulnerability via their blog. While the threat is pretty obscure, it is possible for you to inadvertently allow your account to be compromised. LastPass is working on a permanent fix, but in the meantime advises folks to not use the browser extension, but to open your LastPass vault and launch websites directly from there.

Advertisement

Personally, I applaud LastPass for being proactive and offering a workaround out of an abundance of caution. No password manager is 100% secure because security is an ongoing improvement process. Many other password manager programs don’t even let their users know about discovered vulnerabilities. LastPass, like Microsoft, Apple, and other software developers must constantly update their software to counter newly emerging threats – hackers are targeting the market leaders constantly. So no, I don’t think you should switch, and I expect a program update that patches the vulnerability to be issued within a few days. In the meantime, you can choose to follow their directions or not. If you don’t surf the web indiscriminately, and otherwise practice safe computing (I have tips here and here), your risk is minimal.

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek (send to @PosiTek), Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to support@positek.net (send to Support@PosiTek.net), Click or tap to open a new browser tab or your Paypal app to send money using your credit card to support@positek.net (no Paypal account required) using any credit card (no Paypal account required), using Zelle, Apple Pay or Google Pay, or by mailing a check or cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thank you!

Go to Top of Page

Share This

Author: Your Tech Coach at PosiTek.net
There are currently 1277 reader comments on published articles, care to join in? Use the Leave a Comment form below/at the bottom of any existing comments. This is a good place to ask follow-on questions on this subject.

Leave a Comment

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

This site uses Akismet to reduce spam. Learn how your comment data is processed.