Well, this is a little embarrassing...
Last week one of our promoted products, password manager LastPass, announced they had suffered a breach through a third-party cloud storage solution. They disclosed an unknown actor gained access to certain customer information, but they didn't elaborate. They did emphasize that no customer passwords were exposed since those are all stored using high levels of encryption that even they don't have access to.
Yes, anytime a password manager gets hacked, even one we recommend, it's concerning and a bit embarrassing. Password managers, after all, are the equivalent of digital banks, the holders of the keys to the castle. However, with properly developed code and architecture, today's high-grade password management products are highly unlikely to experience a breach that exposes your critical passwords.
Does the risk justify the benefits? In our humble opinion, absolutely. The ability to use random, 16 to 24-character passwords throughout your internet activity makes the likelihood of your password being hacked directly virtually non-existent. Similar to an unlocked door, a thief will move on to the next user on their list. Sadly, complex passwords don't make you bulletproof. The site you're accessing or your computer can get hacked, so you still have risks. But virtually eliminating a weak password from your list of vulnerabilities is one of the best things you can do to enhance your cybersecurity, and a password manager makes that an almost effortless endeavor.
With cybercrime on the rise and our increasing dependence on the internet for everything from our food and our transportation to our healthcare, it's more critical than ever that we do all we can to protect ourselves.
This holiday season, stay vigilant. Don't open email attachments, and don't click on links in emails unless you're sure the sender is who they claim to be. Better still, go to the website directly.
Safe shopping, everyone.
Jeff Mongelli