Subj : LastPass is forcing its users to make longer, tougher passwords
To   : All
From : TechnologyDaily
Date : Thu Jan 04 2024 14:45:04

LastPass is forcing its users to make longer, tougher passwords

Date:
Thu, 04 Jan 2024 14:37:24 +0000

Description:
LastPass customers are being asked to set up more complex passwords in an 
effort to improve account security following 2022 breach.

FULL STORY
======================================================================

LastPass is forcing customers to set up 12-character master passwords, if 
they havent already, in an effort to improve security following a major 
incident in 2022. 

While this has been a default option since 2018, LastPass customers have been 
able to evade the 12-character recommendation, which will now soon be 
mandatory. 

On its website, the password manager said the new requirement surpasses the 
current National Institute of Standards and Technology (NIST) guidelines 
which state that human-generated passwords should be at least eight 
characters long. LastPass security boost 

In a company blog post , LastPass Senior Principal Intelligence Analyst Mike 
Kosak said the password length requirement is part of a progressive set of 
initiatives that the company is rolling out in order to protect customer 
accounts, thus minimizing the likelihood of any successful attacks. 

In an email to customers seen by TechRadar Pro , LastPass said in response to 
why it was making the change: Were committed to meeting the latest industry 
security standards and best practices to protect against external threats. 

Theres also the fact that the company suffered a security incident in 2022 , 
which saw an unauthorized party gain access to some of the companys data. 

From January 2024, LastPass users master password should include at least 12 
upper case, lower case, numeric, and special characters. 

Free, Premium, and Family customers are among the first to be notified about 
the change, and Teams and Business customers are expected to receive a 
warning by the end of January. 

From February, new and reset master passwords will also be cross-referenced 
in real-time against a list of exposed credentials on the dark web. Users 
will receive a security warning if the password they choose has been 
previously leaked. 

Customers who fail to meet the deadline will be logged out and forced to 
create a new master password, helping LastPass to ensure that all customers 
have taken the necessary steps. 

A LastPass spokesperson confirmed in an email to TechRadar Pro that a phased 
rollout begins on January 8 for business customers. More from TechRadar Pro 
Worried about your online safety? These are the best privacy tools and 
anonymous browsers Millions in crypto has been stolen following LastPass 
breach Protect your online activity by using one of the best VPNs



======================================================================
Link to news story:
https://www.techradar.com/pro/security/lastpass-is-forcing-its-users-to-make-l
onger-tougher-passwords


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.