CheeseMan42 Posted March 28, 2017 Posted March 28, 2017 Researcher Tavis Ormandy of Google's Project Zero has found his third Last Pass vulnerability this month, and described it as "a major architectural problem." A proof-of-concept exploit was created and sent to Last Pass by Ormandy, who was thanked by the company in a blog post. The exploit "makes it possible for malicious websites to steal user passcodes and in some cases execute malicious code on computers running the program," but Last Pass has declined to "disclose anything specific about the vulnerability or our fix that could reveal anything to less sophisticated but nefarious parties." While password managers are able to help increase security for users by generating different, complex passwords for all of the sites a user visits, they seem to be an increasing target for malicious users. Source: Ars Technica Back to original news post Share this post Link to post Share on other sites More sharing options...
WhenKittensATK Posted April 2, 2017 Posted April 2, 2017 (edited) I stopped using 3rd party password managers, once Chrome integrated it. Lastpass shouldn't be on any recommended list. Edited April 2, 2017 by WhenKittensATK Share this post Link to post Share on other sites More sharing options...
Recommended Posts