Make sure your primary password is not used for any other purposes - do not use your CalNet passphrase as your LastPass password. UC Berkeley recommends that everyone with a LastPass Premium or free account should also update their Primary Password.Ĭhange your primary (LastPass calls this master) password using CalNet’s guidance on creating a strong password 11, 2023, UC Berkeley is requiring all users who have a LastPass Business account to update their Primary Password. In 2021, UC Berkeley IT, along with other UCs, published a guide on removing biased language from our communications, so we are using the term Primary Password here instead of LastPass’s term of Master Password (which you will see when using the LastPass interface). It should be noted here that the vaults are themselves encrypted (though URLs stored there are not). In LastPass’s blog post, they say that “ The threat actor was also able to copy a backup of customer vault data ,” which LastPass has confirmed to mean that backups of all vaults were taken. These vaults contain encrypted passwords, but URLs for stored items are in plain text. In summary, an attacker was able to download a backup of all LastPass customer vaults (regardless of membership level). LastPass has released a blog post, which they are updating periodically. Anyone with a LastPass account should take action to protect their information What has LastPass said about this incident?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |