Tagged in , and posted in Best Practices

The News has broken, Lastpass has been the victim of an attack.
https://blog.lastpass.com/2015/06/lastpass-security-notice.html/

While it’s not know if and how much impact that has at the moment, I’m personally not majorly concerned about my vault because I use some additional security settings which I layout here.

In this case still rule No. 1 Change your master password immediately.

Then login into your vault and into your settings to make those additional settings:

-> Account Settings -> General -> Show Advanced Settings

  ->  

Scroll down to “Country Restriction” and activate to “Only allow login from selected countries” and select the country you are located in and in which you use Lastpass as well if you are traveling regularly.

Example

Also it’s strongly advised to use a 2-factor authentication which asks you always when you login from a new device for a second pin code that should be on a device only accessible by you.

Select -> Account Settings -> Multifactor Options

and avail of some of the featured options (including using OTP / Google Authenticator) to setup a 2-factor authentication.

Those Steps along with a strong master password will not make you 100% secure against any future hacking, but that will keep your account fairly secure against password stealing in Lastpass.

If you like to generate a secure master password encrypted in your wallet have a look at https://www.passwordcard.org/en

%d bloggers like this: