|
|
|
|
|
|
by tP5n
3868 days ago
|
|
|
Data uploaded to Google Drive is not data only you control. You may believe only you control the unencrypted data, but that is up for you to decide. If you read the entire post the author states: "To finish, we want to point out that the security team at LastPass responded very quickly to all our reports and lot of the issues were fixed in just a couple days. It was very easy to communicate and work with them. We have seen media and tweets mentioning that we “hacked LastPass”. We did not hack LastPass. We also don’t feel comfortable with those claims. What we did is find a number of bugs, bad practices and design issues which we used to obtain the vault key and decrypt all passwords in different scenarios. There is no bug-free software and any future research on other password managers would likely have similar results." ... which is doubly worrying if you do not control the data you believe to be securely encrypted. |
|
|