076萌SNS
  • Login

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Yellow Flag (wpalant@infosec.exchange)'s status on Saturday, 07-Jan-2023 07:55:15 JST Yellow Flag Yellow Flag

    I keep hearing from people about #LastPass accounts configured with one iteration. At the same time people point out that super admin accounts hold the keys to decrypting all of the users’ vaults. And that Federated Login doesn’t apply to super user accounts – these are still only protected by their master password.

    Guess it’s only a matter of time until the attackers find a weakly protected super admin account and use that to compromise a company?

    #LastPassBreach

    https://palant.info/2022/12/28/lastpass-breach-the-significance-of-these-password-iterations/

    In conversation Saturday, 07-Jan-2023 07:55:15 JST from infosec.exchange permalink

    Attachments

    1. LastPass breach: The significance of these password iterations
      from Wladimir Palant
      The Password Iterations setting is essential to keep users’ data secure. Yet LastPass failed to keep it up-to-date for many accounts.

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    076萌SNS is a social network, courtesy of 076. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All 076萌SNS content and data are available under the Creative Commons Attribution 3.0 license.