I-LastPass's master passwords ithotyiwe

Kutshanje abaninzi Abasebenzisi be-LastPass baye baxela ukuba ii-passwords zabo zithotyelwe emva kokufumana izilumkiso ze-imeyile ukuba umntu uzame ukuzisebenzisa ukungena kwiiakhawunti zabo kwiindawo ezingaziwayo.

Las Izaziso ze-imeyile Bakwakhankanya ukuba iinzame zoqhagamshelwano zavalwa ngenxa yokuba Zenziwe kwiindawo ezingaziwayo emhlabeni.

"Kukho umntu osebenzisa igama eliyimfihlo lakho ukuzama ukungena kwiakhawunti yakho kwisixhobo okanye kwindawo esingayaziyo," izilumkiso zokungena ziyalumkisa. “I-LastPass ivalele eli linge, kodwa kuya kufuneka ujonge ngakumbi. Yayinguwe? «

Iingxelo zeLastPass master passwords ezisengozini zisasazwa kwiindawo ezahlukeneyo zeendaba zoluntu kunye namaqonga e-intanethi, kuquka i-Twitter.

Uninzi lweengxelo kubonakala ngathi kuvela kubasebenzisi abaneeakhawunti ze-LastPass zakudala, nto leyo ethetha ukuba abakhange bayisebenzise inkonzo kangangexesha elithile kwaye abayitshintshanga igama eligqithisiweyo. Enye yeengqikelelo ezenziwe ngelo xesha yayikukuba uluhlu lwamagama ayimfihlo asetyenziswayo lunokuvela kwi-hack yangaphambili.

Abanye abasebenzisi bathi ukutshintsha amagama ayimfihlo akukhange kubancede, kwaye omnye umsebenzisi ubanga ukuba ubona iinzame zokungena kwiindawo ezahlukeneyo ngotshintsho ngalunye lwegama lokugqitha.

I-LastPass iphande iingxelo zamva nje zokuba bavale iinzame zokungena kwaye bagqiba ukuba umsebenzi unxulumene nomsebenzi oqhelekileyo we-bot, apho umdlali okhohlakeleyo okanye umdlali ozama ukufikelela kwiiakhawunti zomsebenzisi (kule meko, LastPass). kukwaphulwa kwemithetho yomntu wesithathu enxulumene nezinye iinkonzo ezinganxulumananga ”.

"Kubalulekile ukuba siqaphele ukuba akukho nto ibonisa ukuba ii-akhawunti zifunyenwe ngempumelelo okanye ukuba inkonzo ye-LastPass ithotyelwe liqela elingagunyaziswanga. Sihlala sibeka iliso olu hlobo lomsebenzi kwaye siya kuqhubeka sithatha amanyathelo ayilelwe ukuqinisekisa ukuba i-LastPass, abasebenzisi bayo kunye nedatha yabo bahlala bekhuselekile kwaye bekhuselekile, "wongeza uBacso-Albaum.

Nangona kunjalo, Abasebenzisi bodliwano-ndlebe abafumene ezi zilumkiso bathi amagama abo ayimfihlo ahlukile kwi-LastPass kwaye azisetyenziswa kwenye indawo. Kungenxa yoko le nto omnye umsebenzisi we-Intanethi ezibuza ukuba "Ke bawafumana njani la magama ayimfihlo e-LastPass ngaphandle kokuphulwa kwe-LastPass?" »

Ngelixa i-LastPass ingazange yabelane ngazo naziphi na iinkcukacha zendlela abadlali abakhohlakeleyo abasemva kwezi nzame zokugqwesa iziqinisekiso baqhubekile, abaphandi bokhuseleko uBob Diachenko uthe kutshanje bafumene amawakawaka olwazi.

Abanye abathengi be-LastPass abafumene izilumkiso ezinjalo zoqhagamshelwano baye babonisa ukuba ii-imeyile zabo azikho kuluhlu lwezibini ezidityanisiweyo eziqokelelwe ngu-RedLine Stealer ukuba uDiachenko wafumana.

Ukongeza, yena ngokwakhe wabonisa ukuba lo yayingenguye umthombo wohlaselo:

“Kulungile, ndifumene izicelo ezimbalwa zokujonga ii-imeyile kwiilog zeRedLine Stealer, kwaye azikho. Wayengenaye ingxelo. Ngoko ngokucacileyo yayingengomthombo wohlaselo (ngelishwa, kuba oko bekuya kwenza ukuba i-vector iqondeke lula) ”.

Oku kuthetha ukuba, ubuncinane kwimeko yezinye zezi ngxelo, abathathi-nxaxheba abakhohlakeleyo abasemva kweenzame zokufumana. Baye basebenzisa ezinye iindlela ukuze babe amagama ayimfihlo kwiithagethi zabo.

Abanye abathengi baye baxela ukuba batshintshile igama eliyimfihlo labo ekubeni befumene isilumkiso sokungena, ukufumana esinye isilumkiso emva kokuba igama lokugqitha litshintshiwe.

“Umntu uzame ukufaka igama lam eliyimfihlo leLastPass izolo, emva koko umntu wazama kwakhona kwiiyure ezimbalwa emva kokuba ndiyitshintshile. Kuqhubeka ntoni ? «

Ukwenza izinto zibe mbi ngakumbi, abathengi abazame ukucima kunye nokucima i-akhawunti yabo ye-LastPass emva kokufumana ezi zilumkiso baxela ukuba bafumene "Into engahambanga kakuhle" emva kokucofa iqhosha elithi "Cima".

Ngelixa i-LastPass ingakhange ithotyelwe, abasebenzisi be-LastPass bayakhuthazwa ukuba benze ukuqinisekiswa kwezinto ezininzi ukukhusela iiakhawunti zabo.

Kwindawo yayo, i-LastPass ichaza:

"Ukuqinisekiswa kwezinto ezininzi (i-MFA), kunye nezaziso zokuchukumisa enye (i-OneTap) kwiselfowuni, iikhowudi ezithunyelwa ngeSMS okanye ukuqinisekiswa kweminwe, ibonelela ngoluhlu lwesibini lokhuseleko lokuqinisekisa isazisi somsebenzisi ngaphambi kokubanika ukufikelela. Nge-MFA, abalawuli banokumisela imigaqo-nkqubo yokuqinisekisa ehambelana nemigangatho yokhuseleko ngaphandle kokuphazamisa ixesha lomsebenzi okanye umsebenzi. I-LastPass MFA iya ngaphaya kokuqinisekiswa kwezinto ezimbini zemveli ukuqinisekisa ukuba abasebenzisi abalungileyo bafikelela kwidatha elungileyo ngexesha elifanelekileyo.


Umxholo wenqaku uyabambelela kwimigaqo yethu imigaqo yokuziphatha yokuhlela. Ukuxela impazamo cofa apha.

Yiba ngowokuqala ukuphawula

Shiya uluvo lwakho

Idilesi yakho ye email aziyi kupapashwa.

*

*

  1. Uxanduva lwedatha: UMiguel Ángel Gatón
  2. Injongo yedatha: Ulawulo lwe-SPAM, ulawulo lwezimvo.
  3. Umthetho: Imvume yakho
  4. Unxibelelwano lwedatha: Idatha ayizukuhanjiswa kubantu besithathu ngaphandle koxanduva lomthetho.
  5. Ukugcinwa kweenkcukacha
  6. Amalungelo: Ngalo naliphi na ixesha unganciphisa, uphinde uphinde ucime ulwazi lwakho.