The situation at LastPass may be worse than they are letting on

For anybody else left wondering, Bitwarden <i>does</i> encrypt (nearly) everything in your vault:<p>&gt; At Bitwarden we take this trusted relationship with our users seriously. We also built our solution to be safe and secure with end-to-end encryption for all Vault data, including website URLs, so that your sensitive data is “zero trust” secure [1]<p>I haven&#x27;t used LastPass in years, but the recent news made me wonder how Bitwarden was handling URLs.<p>[1] <a href="https:&#x2F;&#x2F;bitwarden.com&#x2F;resources&#x2F;zero-knowledge-encryption-white-paper&#x2F;" rel="nofollow">https:&#x2F;&#x2F;bitwarden.com&#x2F;resources&#x2F;zero-knowledge-encryption-wh...</a>

So is there any way to verify what this person is saying? I mean, from the way LastPass is evolving it doesn&#x27;t seem unlikely to me -- but why is this tweet on HN? Is there any supporting evidence aside from an anecdote, does this Twitter account have a strong reputation of being credible, etc.?<p>Without context, I just don&#x27;t understand why this anecdotal thread should be considered credible.<p>Disclaimer: I use FOSS password managers for everything possible but have to use LastPass for some non-personal stuff and I very much dislike it

These appear to be the main previous threads:<p><i>See what is unencrypted in your LastPass vault</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34105368" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34105368</a> - Dec 2022 (9 comments)<p><i>LastPass breach is worse than you think because URLs were unencrypted</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34102982" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34102982</a> - Dec 2022 (81 comments)<p><i>LastPass users: Your info and vault data is now in hackers’ hands</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34100087" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34100087</a> - Dec 2022 (19 comments)<p><i>LastPass says hackers stole customers&#x27; password vaults</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34099647" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34099647</a> - Dec 2022 (15 comments)<p><i>LastPass user vaults stolen in recent hack</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34097142" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34097142</a> - Dec 2022 (276 comments)<p><i>Lastpass Security Incident</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=33806803" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=33806803</a> - Nov 2022 (560 comments)<p><i>LastPass confirms hackers had access to internal systems for several days</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32912350" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32912350</a> - Sept 2022 (21 comments)<p><i>LastPass says hackers had internal access for four days</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32871051" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32871051</a> - Sept 2022 (7 comments)<p><i>Last Pass Hacked</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32612645" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32612645</a> - Aug 2022 (35 comments)<p><i>LastPass: Notice of Security Incident</i> - <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32598587" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=32598587</a> - Aug 2022 (130 comments)

This is why Microsoft&#x27;s requirement to drink a verification can was so genius. Imagine being a hacker and have to drink multiple verification cans to be able to proceed throughout multiple transactions. &quot;Hacker dies from overdose due to ingestion of too much Doritos and Mountain Dew&quot;<p><a href="https:&#x2F;&#x2F;imgur.com&#x2F;dgGvgKF" rel="nofollow">https:&#x2F;&#x2F;imgur.com&#x2F;dgGvgKF</a>

The inference that the LastPass leak is responsible is being made purely on the basis that this particular person can&#x27;t identify any other way the security of their wallet was broken. That seems a very weak basis (essentially, absence of evidence equating to evidence of absence) to make what is really a very strong assertion.

I’m skeptical of this. Seems like if it were true, we would be hearing the same thing from several other independent and credible sources.

This is quite interesting. A couple of weeks ago, I received an extortion phishing email, but it was directed to a secondary email address that hasn’t been previously compromised. It made it past Gmail’s spam and phishing filters into my inbox.<p>Maybe a coincidence, but I guess every weird thing that happens is going to raise alarm bells.<p>I was suspicious of the LastPass concept (storing passwords in a cloud app) when a former employer introduced it some years ago, but they had a strong IT and security culture so I trusted them to make the right choices and adopted it for my personal use.<p>A few months ago I hsd an issue with my LastPass 2FA device and a policy set by my former employer blocked me from resetting it for my personal account. It was resolved by LastPass, but that was the first strike, and I had spent most of the night extracting my personal account passwords manually from the mobile app, which remained logged in. That was strike 1. This is strike 2.

This is ultimately a predictable outcome for any password manager that stores your credentials on someone else&#x27;s server.<p>Just like they say in crypto &quot;not your keys, not your crypto&quot; - it applies here too. Not your storage, not your passwords.<p>KeePass on an airgapped box, or an encrypted hardware password manager with no network interfaces is best, though frankly, I&#x27;d even be more comfortable writing down passwords on paper (at home) than I would be storing them on someone else&#x27;s server.<p>I say all this as a big tech red teamer, or, someone who breaches other people&#x27;s servers for a living.

And when I say that I will stop using 1password when the local vault no longer works, people look at me like I&#x27;m paranoid and crazy.<p>I&#x27;ve looked at the white paper <a href="https:&#x2F;&#x2F;1passwordstatic.com&#x2F;files&#x2F;security&#x2F;1password-white-paper.pdf" rel="nofollow">https:&#x2F;&#x2F;1passwordstatic.com&#x2F;files&#x2F;security&#x2F;1password-white-p...</a>, I think 1password has a decent security posture for their cloud offering but then there&#x27;s always the risk of a breach where the attacker controls the site and can intercept your master password through it. Same as what happened with British Airways or Lavabit.

Having all your keys&#x2F;passwords on a 3rd party server is something that I&#x27;ve never been willing to accept from a security standpoint. That&#x27;s what always kept me from using a `hosted` solution. I do get the allure from a multi-user management aspect though.

I use my own hand-rolled password management system. Everyone told me: &quot;don&#x27;t roll your own password manager!!&quot;<p>Here&#x27;s the thing: yes, my tool is probably less secure than a professional tool, by an order of magnitude. But it&#x27;s also a far less attractive target for hackers. If you spend an hour to crack my tool, you get one guy&#x27;s data. If you spend 1000 hours to crack LastPass, you get millions of users&#x27; data. The cost::payoff ratio for hacking LastPass is far better.

Please stop commenting whether you are a LastPass user or not. Some of your profiles on HN have an email address and in general all your comments are public so can be mined, plus &quot;rich techies&quot; could be prime targets for more direct and elaborate phishing campaigns.

I saw a class action filed. If the class is admitted I may opt out, I want compensation for each of the many hours I now have to spend rotating my hundreds of passwords. This is totally unacceptable.

Best to just use pass (<a href="https:&#x2F;&#x2F;www.passwordstore.org&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.passwordstore.org&#x2F;</a>) with your own gpg key rather than rely on any 3rd party service. Then set up a git repository on a (free) google cloud instance, (or even use github&#x2F;gitlab), and you&#x27;re set to sync your passwords to all your devices.

If this was true, i feel like it would be a little strange for the attacker to use it to steal a small amount of crypto. Once its revealed how bad this is, there would probably be a small window before people change their passwords, i would assume attackers would either go for a big score before revealing this capability, or they would try to hit everything very quickly. Just hitting a tiny amount of crypto seems odd.

Reminder that in 2015 LastPass was acquired by LogMeIn, who then in 2021 announced it was spinning off back into its own thing, though whether that has happened yet is unclear.<p>If you look into what LogMeIn (now renamed to “GoTo”) makes… this doesn’t make me feel good about GoToMeetings, GoToMyPC, or join.me.

Is there any reason to use these cloud based solutions when open source alternatives like KeepassXC is available?

It is highly unlikely that the attacker was able to crack the encryption. It&#x27;s also highly unlikely that Lastpass had an unencrypted copy of the vault. However we know that all URLs are not encrypted which allows to identify users who have accounts for particular services e. g. cryptocurrency websites. The attacker could mount targeted attacks only on these lastpass users to reduce the risk of raising red flags. For example the attacker can send very convincing phishing mails to target these individuals with 0-day exploits. But an alternative much more scarier scenario could happen if the attacker found a way to extract the lastpass master password by injecting malicious code into the lastpass extension of targeted users. The possibility of this scenario depends if there is a way for lastpass servers to inject code into the browser extension.

While this could be what happened, I suspect otherwise.<p>For many years, those of us in the cryptocurrency fields have said <i>never</i> enter your keys on a computer. Generate them offline on a hardware device and let that be it. The person making this claim clearly had to enter unencrypted keys into a computer to put them into his laspass vault. There are a number of malware variants that specifically target keys and search things like input fields in web forms and clipboards for those keys.

It is difficult for me to believe that this could be true unless their web application has also been hacked.<p>And if that were the case then this is really getting into criminal negligence territory (especially the way they&#x27;ve been disclosing it).

This pushed me to move my Bitwarden data to a self-hosted Vaultwarden instance tonight.<p>At this point I just don&#x27;t want my data in the big, juicy hacking target.

What if this tweet was provided as &quot;evidence&quot; of the opposite claim:<p>&gt; I think the situation at @LastPass may be better than they are letting on. &gt; &gt; On Sunday the 18th, four of my wallets were completely safe. There were no losses. &gt; &gt; Their seeds were kept, encrypted, in my lastpass vault, behind a 16 character password using all character types.<p>IOW, the honesty and integrity of the user does not matter. What matters is some form of verification of the cause of a breach, because this single post presents no useful evidence for determining the cause of the breach, most especially ruling out over-the-shoulder attacks.<p>What has confounded me for a long time is this question: are there no breaches of security cameras? I can spend time in a Starbucks and always see someone enter a password into some device, I do not recall reading that a security camera system has been hacked, yet I would assign an incredibly high value to security cameras in places like coffee shops, airports, hotel lobbies, etc.

LastPass-the-company doesn&#x27;t need to die over this incident, but I can&#x27;t help but wonder if a kind of corporate panic will stop them from doing what they need to survive it.

I&#x27;ve been using LastPass for years. Looks like I&#x27;m going to have to export everything from my LP vault and import it into Bitwarden. Any downsides to Bitwarden that anyone knows of? I&#x27;m asking more about convenience, i.e. how well the browser extensions and Android app work and less about security.

If this is true there really is such low hope for cryptocurrency. If you can’t store your keys in a service like LP hardened via physical 2FAA. What’s left? Air gapped setups?

I just wish Firefox would integrate Apple’s Keychain. I don’t know if it is even possible or not. But it is such a pain because I really am tired of all these password managers and also security breaches from multiple silos. Medibank has leaked all my data and now I have lastpass to deal with too.

We’ll find out if they actually deleted deleted data or not.

I&#x27;ve been using KeePass for years and have recently switched to Strongbox which is an incredible app&#x2F;ui to interact with Keepass databases for macOS and iOS.<p>The database is kept in sync with either Dropbox or iCloud.

I wonder if quadrigacx’s recent lost “cold wallet” movements are related:<p><a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34074858" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=34074858</a>

I am quite happy that I am only using KeePassXC + Syncthing. My default assumption for these kinds of services is that they will be breached sooner or later.

I tend to stay away from centralized password managers like last pass too risky and too big a target. I use and recommend KeePassXC for local password management. This is a similar problem to keeping your crypto on a centralized exchange vs in a cold wallet. There are trade offs to doing it this way, but to me it is the best and most secure option. I rather control my passwords or keys than some company.

Is there a site or something where you can put in all the devices you own (e.g., iPhone, Mac laptop, tablet, chromebook, etc) and what features you want (e.g., adding a password on one device syncs it automatically to all other devices, offline useage, auto fill of browser form fields, auto saves now username&#x2F;passwords, etc.) and it will tell you what password manager best meets your needs?

A few years ago, I made the decision to delete my LastPass account. At the time, I wasn&#x27;t sure if it was the right move, but in light of the recent data leak, I couldn&#x27;t be happier with my decision. If you&#x27;re in the market for a new password manager, I highly recommend giving Bitwarden a try. It&#x27;s open-source and has a strong focus on security and privacy.

This claim looks strange.<p>A 16 characters password from all character types can’t be broken.<p>How could hackers break the vault, with end to end encryption and such password?

I have no conclusions on this but kind of like in court, not the best idea to investigate your own personal breach but I get there is little choice for OP.<p>In my experience &quot;I didn&#x27;t click on any suspicious link&quot; and similar user denials are exactly why you don&#x27;t ask them that during incident response, instead you get them to give you all their browsing&#x2F;download history&#x2F;content so you can verify that.<p>It could be cookie theft (physical 2fa can&#x27;t stop that) or consent phishing if they use oauth for their main lastpass login. As soon as this was noticed, disk&#x2F;memory images should be taken of all devices with lastpass ideally so they can be investigated. I don&#x27;t know if the victim here uses laspass on their phone for example or by new apps they include new browser extensions or updates to existing apps (supply chain compromise).

Being completely ignorant about how this works, why would a LastPass compromise result in passwords being exposed? Surely they themselves don&#x27;t store unencrypted passwords, but instead the passwords are encrypted by the user&#x27;s key? Or is this a compromise of the locally installed software?

As a suggested alternative - I&#x27;ve been very happy with pwSafe. www.pwsafe.info<p>It&#x27;s not nearly as convenient as LastPass, but likely more secure. It uses TwoFish with a 256 bit key length, which was one of the finalists for the AES standard.

Password managers should be offline. I use keepass and sync the key file across all my devices using a cloud service. Works great and is the probability that my key file will ever be compromised is very close to zero.

I’m wondering if leaving the URLs in plaintext was actually a good idea, here’s my reasoning:<p>With _random_ passwords which most LastPass users probably generated, the attacker has no way of knowing if a key resulted in a successful decryption unless they login to a particular site.<p>If the URLs were part of the encrypted payload though, a quick string check for “http” or “www” would tell them if a key was correct or not during their brute-force attempts. Maybe a silver lining?

What I find concerning is PKDBF was used, even <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;PBKDF2" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;PBKDF2</a> quotes PKDBF1 and PKDBF2,and that is recommended to use PKDBF2. Is there any evidence to show that they indeed rolled their own encryption rather than use a de-facto standard AES algorithm? Or is there something that is missing.

I have always used Pass [1], and while it is certainly less convenient, it doesn&#x27;t really take too much extra effort to self host your passwords in a PGP encrypted git repo. Self hosting has drawbacks of its own, of course.<p>[1] <a href="https:&#x2F;&#x2F;www.passwordstore.org" rel="nofollow">https:&#x2F;&#x2F;www.passwordstore.org</a>

Could the hack have been achieved using the leaked unencrypted URLs? Not by decrypting the user&#x27;s vault?

I&#x27;m very interested in how this breach was pulled off. Could it be some sort of state actor?

Most hackernews readers will have left LastPass after the amount of times LastPass has been in the news over the just 5 years wouldn&#x27;t they? Genuinely interested if phone is still using it - by choice that is.

I feel like this is an excellent time to, once again, give out two reminders to anyone who needs reminding:<p>&quot;The cloud&quot; is just someone else&#x27;s computer.<p>Sharing your password with anyone always makes you less secure.

I don&#x27;t get why everybody is in love with cloud solutions for keeping their secrets. Encrypted as they may be.<p>Self hosted, at home, or I don&#x27;t trust it. It&#x27;s really that simple.

Dear Agile Bits:<p>Please reaffirm my choice to pick you as our company password manager years ago before I research the ambiguity of centralized password management and make my own decision.

hah. For years I&#x27;ve been telling people I know to NEVER trust all their security to one-password services. Given so many tech companies penchant for playing stupid and loose with internal security without customers even being aware of it, this kind of thing was bound to happen. All the worse to trust a password vault service under the circumstances.<p>Too many people who should know better on this site itself kept recommending things like Lastpass... Incredible.

I so much wish Google would provide a password manager within Workspace. I&#x27;m yet to find a trustworthy frictionless product for my business.

Every week there&#x27;s some HN post like this. Everyone loses their shit. Then nothing happens. I use Bitwarden but damn dudes. Wow.

either two possibilities:<p>1. password was somehow left in plain text<p>2. there was a problem with the encryption implementation by LastPass. likely this is the reason.<p>this is why you always encrypt crypto stuff with offline computer using well-vetted tools like VeraCrypt or openssl, and not rely on cloud storage encryption. Only you can do your encryption. relying on others doomed to fail eventually.

Hope this isn’t true. Only going to get a chance to sort all my stuff out post Xmas

I deleted my LastPass data a few years back, now hopefully it actually got deleted…

this sort of thing is why I append the name of the website + a unique identifier + password, so that I don&#x27;t have to bother changing my password during such nonsense, ugh.

Seems nothing of value was lost though.

Simple, use local password managers. Who would trust a single entity with all your passwords

Imagine storing all your sensible passwords in the cloud of a private company lol

<i>crypto</i> pathic<p>Press [X] to doubt.