The LastPass Data Breach Just Got Even Worse … Again

Please, stop using LastPass.


After getting hacked in August, LastPass promised that customer data was safe. Later, the company admitted that customer data was compromised, but claimed that user passwords were not part of the data breach. Unfortunately, LastPass was completely and totally wrong.

According to a new LastPass press release, hackers obtained a “backup of customer vault data” during the big security breach earlier this year. The information stored in this vault data is encrypted, but a hacker can decrypt it using your master password—that’s the password you use to log into LastPass.

If your LastPass master password is something simple, like “password1234” or “guitarhero1984,” you’re probably screwed. Hackers can easily guess these simple passwords using brute force. For security’s sake, please change your password on every website immediately. (A rival password manager that hasn’t been hacked, such as 1Password, can help you get the job done.)

Users who created a strong master password might be in the clear. At least, that’s what LastPass says. The company claims that it would be “extremely difficult” to guess master passwords for customers who followed the company’s “best practices” guidelines.

“The threat actor may attempt to use brute force to guess your master password and decrypt the copies of vault data they took. Because of the hashing and encryption methods we use to protect our customers, it would be extremely difficult to attempt to brute force guess master passwords for those customers who follow our password best practices.”

Even if you use a strong master password, there’s a chance that hackers will try to phish some information out of you. LastPass warns that it “will never call, email, or text you and ask you to click on a link to verify your personal information.”

To be clear, LastPass is still investigating this data breach. And after four months of “sorry, it’s worse than we thought,” customers are rightfully worried that LastPass doesn’t have all the details. For all we know, things could get even worse.

We asked our readers to stop using LastPass in July of 2020. And we still implore you to avoid this service. LastPass has a long record of data breaches, two of which occurred this year!


Source: LastPass

Andrew Heinzman
Andrew is the News Editor for Review Geek, where he covers breaking stories and manages the news team. He joined Life Savvy Media as a freelance writer in 2018 and has experience in a number of topics, including mobile hardware, audio, and IoT.