Larion Studios forum stores your passwords in unhashed plaintext. Don’t use a password there that you’ve used anywhere else.

  • @[email protected]
    link
    fedilink
    English
    11 year ago

    I heard people’s LastPass accounts were getting compromised after that theft, but I also don’t know how strong their master passwords were.

    • Zagorath
      link
      fedilink
      English
      41 year ago

      Yeah at this point it’s considered likely that LastPass vaults are being cracked, based on LP being the common link between various other accounts that are being breeched.

      A small number of rounds of encryption being the default for users with old enough accounts is believed to be a significant part of the issue. It means even if their password was a good one, the vault can be brute forced comparatively quickly.

      • @[email protected]
        link
        fedilink
        English
        11 year ago

        If their password was actually good (18+ random characters) it’s not feasible with current day technology to brute force, no matter how few PBKDF2 iterations were used.

        Obviously it’s still a big issue because in many cases people don’t use strong enough passwords (and apparently LastPass stored some of the information in plaintext) but a strong password is still good protection provided the encryption algorithm doesn’t have any known exploitable weaknesses.