The alarming number of data breaches that consumers have seen in recent years has some people on high alert.
Verizon’s 2015 Data Breach Investigations Report showed that there were 2,122 confirmed security breaches in 61 countries over the last year.
Of those confirmed breaches, 458 involved attacks on web applications.
In these cases, “attackers used stolen credentials, like user names and passwords, 95% of the time, and simply logged in as though they were a legitimate user,” according to Re/code.
On such merits, having an impenetrable password is vital to securing your online information.
The problem, of course, is remembering these lengthy passwords on each website you visit.
That’s where LastPass has come in handy for many people.
LastPass collects all of your usernames and passwords in one secure location. So the next time you visit a website that requires a login, LastPass will automatically enter it for you. You can access your passwords at any time in LastPass’ vault.
You’ll just need to remember one master password for the system to work.
Yet what happens when the one place you trust to securely store all of your passwords experiences a security breach of its own?
LastPass Sees “Suspicious Activity”
Earlier this week, LastPass sent an email to users warning them of “suspicious activity” on its network.
As a result, users were encouraged to change their master passwords as the company investigated the situation.
Clearly, it’s unsettling when your last bastion of defense delivers such a foreboding message.
The good news is, it appears that the passwords stored on users’ vaults weren’t compromised.
According to LastPass, “Our security and processes worked as designed, and customer data was, and is, protected. Because we are requiring verification for any new IP address or device, your account is secure.”
Now, if users are still worried about what might happen if their vaults were exposed, you could set up your online accounts to require two-factor authentication to gain access.
That is, besides your normal password, a particular site would also ask to see an authentication code you can establish using the Google Authenticator app.
You can find instructions for doing so here.
Executive Editor, Wall Street Daily