Hacker News new | ask | show | jobs
by gregsadetsky 1640 days ago
You received a "Someone just used your master password to try to log in to your account from a device or location we didn't recognize" email?

And your master password was secure/not used anywhere else, etc.?

Did we all (that's 8 of us now in the thread) get compromised a few years ago (using the LastPass extension?) and someone just mass attempted to try all of those passwords..?

Edit: since you're tracking IPs found in this thread (thanks!) my attacker's was 160.116.189.21 . You also have 1 ip duplicated (160.116.88.235) which was from the same user both times. You can also add 160.116.95.249 which was just posted
1 comments
trajcek 1640 days ago
"Someone just used your master password to try to log in to your account from a device or location we didn't recognize. LastPass blocked this attempt, but you should take a closer look."

Could be... I haven't rotated my password in a while. Could you link me to more info about the LastPass compromise that you mentioned?

p.s. My master password is definitely not dictionary material, and it's not used anywhere else, so I am 100% sure it's not a bruteforce / phishing attempt.

link
gregsadetsky 1640 days ago
That's so extremely bad and really cannot be a coincidence at this point. We were all owned in the same way years ago...?

The compromise was mentioned here: https://news.ycombinator.com/item?id=29707325

link
ksec 1640 days ago
So they had waited all these years, before they act on those Password? Seems like there should be some other explanation.
link