Flaws Found In LastPass (from Google+)

[V.T. Eric Layton]

Flaws found in LastPass password manager by security researchers

[abarbarian]

But, as Vigo and Garcia note, LastPass may not be the only password manager with vulnerabilities, and its development team have at least responded to the findings in what seems to be a responsible and timely manner:

We found a number of bugs, bad practices and design issues and used them to obtain the vault key and decrypt all passwords in different scenarios.

There is no bug-free software and any future research on other password managers would likely have similar results.

LastPass has responded and fixed most of the issues in less than 72 hours.

"We want to point out that the security team at LastPass responded very quickly to all our reports and lot of the issues were fixed in just a couple days," the pair explain. "It was very easy to communicate and work with them."

 

They seem like a decent bunch at LastPass an they look to have moved very quickly to sort out the vulnerabilities.

[V.T. Eric Layton]

Yup. I agree. I'll be sticking with LastPass for now.

[Robert]

How do you update Lastpass?

[V.T. Eric Layton]

Since I'm using the current version in my Chromium browser, I'd have to assume that my extension auto-updated for me.

 

https://lastpass.com/upgrade.php?fromwebsite=1&releasenotes=1

[Robert]

Looks like the last Firefox update was Aug 6th and the last IE update July 28.

 

https://lastpass.com/upgrade.php?fromwebsite=1&releasenotes=1

[V.T. Eric Layton]

Looks like the last Firefox update was Aug 6th and the last IE update July 28.

 

https://lastpass.com...&releasenotes=1

 

They're running a bit behind, it seems.

[Guest LilBambi]

Uninstall and reinstall if you did not get the current versions. Or just install over the existing one.

 

I always get mine directly from https://lastpass.com/