LastPass is a password manager that stores encrypted passwords online and provides users easy access to them through a web interface, browser plugins and smartphone apps. The vulnerability allowed an attacker to exploit a flaw in Chrome and Opera extensions to expose the last credentials filled by LastPass. It was eventually patched. To me, this vulnerability really highlights the biggest flaw of password managers. The tool that is supposed to protect you is actually the thing that can cause the most harm. I’m interested to know if anyone in class has experience with password managers and if you would recommend using one.
https://www.securityweek.com/lastpass-patches-bug-leaking-last-used-credentials
Leave a Reply
You must be logged in to post a comment.