KnowTechie: LastPass says your passwords are totally safe and no one’s account was compromised. “LastPass really wants you to know that the company didn’t leak any of your passwords. Earlier this week, users reported that the company notified them that their master passwords might have been compromised. But now, the company says an “error” may have caused the alerts to be sent out.”
The Verge: LastPass is going to become an independent company. “LogMeIn plans to spin out password management tool LastPass as a standalone company, it announced Tuesday. With the change, LastPass is promising that customers will receive enhancements on an ‘accelerated timeline’ next year. ‘With a team solely dedicated to its continued innovation and growth, [LastPass] will be able to deliver even more strongly for users,’ a spokesperson said.”
Wired: How to Export Your Passwords From LastPass. “There are several other password services we think are better than LastPass, and one of them is also free. If you’d like to switch, have a look at our updated Guide to the Best Password Managers. Once you’ve decided where you want to take your passwords, you will need to export your data out of LastPass and import it into the new service.”
Mashable: 5 password managers to replace LastPass. “According to The Verge, LastPass’s free version will only allow users to view their passwords from one type of device, either mobile or computer, starting March 16. On that date, users will have to choose their device category, which they will be able to switch only three times, or upgrade to Premium at $3/month. Since I do actually want to make my life easier and more secure (and yours, too!): I’ve gathered the best free and paid alternatives to LastPass.”
The Register: 1Password has none, KeePass has none… So why are there seven embedded trackers in the LastPass Android app?
The Register: 1Password has none, KeePass has none… So why are there seven embedded trackers in the LastPass Android app?. “A security researcher has recommended against using the LastPass password manager Android app after noting seven embedded trackers. The software’s maker says users can opt out if they want.”
Lifehacker: Watch Out for Lastpass’ New Log-off Bug. “A number of LastPass users are taking to the company’s forums to complain about a pretty unfortunate bug that affects its extension’s automatic log-off features—something you’ll always want to enable as a backup security measure.”
Review Geek: LastPass Accidentally Deleted Its Extension From The Chrome Store. “If you’re a LastPass customer and noticed you can’t find the password manager’s extension in Google’s Chrome Web Store, there’s a reason for that: LastPass accidentally removed it. I didn’t say it was a good reason, but there you have it.”
Ars Technica: Password-exposing bug purged from LastPass extensions. “Developers of the LastPass password manager have patched a vulnerability that made it possible for websites to steal credentials for the last account the user logged into using the Chrome or Opera extension.”
Engadget: LastPass fixes fingerprint security flaw in its Authenticator app. “Password manager LastPass has an extra layer of protection for its Authenticator app, in the form of a fingerprint and/or PIN that ostensibly keeps people out of your passwords if they find your phone unlocked. Last week, a developer posted that he’d been able to bypass this security feature on the Android version of the app. As of right now, though, LastPass users can download an update to the app that fixes the issue and adds a one-time code when the fingerprint/PIN feature is first enabled.”
Digital Trends: Password Manager Face Off – LastPass Vs 1Password, Who You Got?. “Using a password manager can be one of the most important steps you take in securing yourself online (and being ‘internet awesome’), but picking the right one for you isn’t always easy. To that end, we’ve pitted two of the most popular managers against one another in a battle to see which is better: LastPass vs. 1Password.”
Neowin: LastPass doubles price of its Premium plan, removes features from its free service tier. “In November, LastPass made a big change to its service, allowing users to keep track of their passwords across all their internet-enabled mobile and desktop devices, free of charge. In addition to the free tier, the cross-platform password manager – available on iOS, Android, and Windows 10 – also offered a Premium plan with additional features, priced at $12 per year. Today, LastPass announced another wave of changes to its lineup for individual users – but this time, the changes are unlikely to be welcomed with open arms by its customers.”
BetaNews: LastPass lets you share passwords with its new Families subscription. “Sharing some accounts with friends or family members has its perks, but it can also be risky. Many people expect to use simple passwords, which is why you may be tempted to go for something that’s easy to remember. Not to mention that they also lose the credentials from time to time, so you have to share them again via email or texts, which is not really safe. But LastPass may have come up with a better option.”
Naked Security: Another hole opens up in LastPass that could take weeks to fix. “The flaw affects users of version 4.x across all browsers and platforms and would allow a phishing attacker to steal passwords from the LastPass vault when a user is drawn to a malicious website. Attackers could also execute code on computers that running LastPass’s binary component.” I don’t think anybody should ditch LastPass but this is certainly a bad run at the moment.