Hive Systems has a good write-up on password cracking. But if you had a unique, strong master password that’s not guessable, it would take billions of years of computing time to crack it. How long will it take? Well, if you have a short 12-character or easily guessable Master Password it may be cracked already. You did generate a strong master password, right? At this moment, the hacker is trying to crack those vaults. If your Master Password gets compromised, everything in LastPass gets compromised. This password can be used to decrypt all your other passwords and sensitive information stored in LastPass. The main security of LastPass is that that data is encrypted with zero-knowledge to LastPass protected by your master password. The following data is encrypted with your master password. ![]() You can bet nation-states would pay a pretty penny for this information (if it wasn’t a nation-state, to begin with). This makes network scanning after intrusion almost not necessary. The data can be used for phishing additionally, for corporate networks, the attacker probably has a good idea of what technologies are in use and the URLs to get to them. The worst part of this breach is the unencrypted URL field associated with every vault entry. What can the hacker do with that unencrypted data?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |