Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.

  • Zagorath
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Yeah at this point it’s considered likely that LastPass vaults are being cracked, based on LP being the common link between various other accounts that are being breeched.

    A small number of rounds of encryption being the default for users with old enough accounts is believed to be a significant part of the issue. It means even if their password was a good one, the vault can be brute forced comparatively quickly.

    • wols@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      If their password was actually good (18+ random characters) it’s not feasible with current day technology to brute force, no matter how few PBKDF2 iterations were used.

      Obviously it’s still a big issue because in many cases people don’t use strong enough passwords (and apparently LastPass stored some of the information in plaintext) but a strong password is still good protection provided the encryption algorithm doesn’t have any known exploitable weaknesses.