Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • December 04, 2016, 12:08:19 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: After PSN. Who's next?  (Read 9018 times)

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 7,713
    • View Profile
    • The Blog of Deozaan
    • Read more about this member.
    • Donate to Member
Re: After PSN. Who's next?
« Reply #25 on: May 06, 2011, 05:03:34 PM »
I'm not happy with LastPass right now. >:(

I just went out of town today to stay at my sister's house for the weekend. I tried to sign into LastPass so I could sign into my other accounts, but due to this recent anomaly they wanted me to verify that I was myself. They did this by sending me an e-mail.

How am I supposed to log into my e-mail account to get the verification e-mail when my 40 character password to my e-mail account is stored away in my LastPass account that I can't log in to until I verify my e-mail?

>:( :mad: >:( :mad: :down:


phitsc

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 1,187
    • View Profile
    • Donate to Member
Re: After PSN. Who's next?
« Reply #26 on: May 06, 2011, 05:18:23 PM »
How am I supposed to log into my e-mail account to get the verification e-mail when my 40 character password to my e-mail account is stored away in my LastPass account that I can't log in to until I verify my e-mail?

>:( :mad: >:( :mad: :down:

That's a 2.8E64 years brute force attack (according to the Excel sheet from here) ;D

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: After PSN. Who's next?
« Reply #27 on: May 06, 2011, 06:06:20 PM »
How am I supposed to log into my e-mail account to get the verification e-mail when my 40 character password to my e-mail account is stored away in my LastPass account that I can't log in to until I verify my e-mail?

And this why you should always know what the password to your e-mail account is, since it's your ID around the web. And a 40 character passphrase should be strong enough, I guess :D

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 7,713
    • View Profile
    • The Blog of Deozaan
    • Read more about this member.
    • Donate to Member
Re: After PSN. Who's next?
« Reply #28 on: May 06, 2011, 06:41:38 PM »
But LastPass was supposed to be the last password I'd need to remember.

Ever.

Says so right on their website and Twitter profile.


cthorpe

  • Discount Coordinator
  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 728
  • c++thorpe
    • View Profile
    • Donate to Member
Re: After PSN. Who's next?
« Reply #29 on: May 06, 2011, 11:41:51 PM »
I know it sucks that you can't access anything right now, but the fact that you can't actually points to LastPass doing its job.  There is a chance, however slim that may be, that your encrypted password was accessed by a third party.  You are trying to log in from an ip address outside of your home isp's block.  From their end, you could very well be one of the hackers.

I'd take inconvenience over lax security.



tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 10,315
    • View Profile
    • Donate to Member
Re: After PSN. Who's next?
« Reply #30 on: May 07, 2011, 03:48:38 AM »
But LastPass was supposed to be the last password I'd need to remember.

Ever.

Says so right on their website and Twitter profile.

I followed the suggestions in the link quoted below - & changed my email password yesterday to an easy to remember phrase (three words, a little quirky so it's not too easy).

Nobody dismisses '"brute force" cracking techniques as being impractical any more. Today's multicore CPUs make it an extremely workable crack for most passwords people are able to commit to memory.

Check this out concerning brute force cracking of passwords. Was posted just recently somewhere.

I was trying to change my LastPass password yesterday and couldnt - I think it was overloaded...
[edit] Still overloaded :-\ - Sorry! We are a bit overloaded right now. Try again in a few hours. [/edit]
Tom
« Last Edit: May 07, 2011, 04:05:53 AM by tomos »

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 7,713
    • View Profile
    • The Blog of Deozaan
    • Read more about this member.
    • Donate to Member
Re: After PSN. Who's next?
« Reply #31 on: May 08, 2011, 09:05:20 PM »
In retrospect, I do think that LastPass did the right thing. I just didn't like the method they used for verifying I was who I said I was, since I was stuck in a loop.

Luckily I had my phone with me (even though I no longer have phone service on it) and luckily it had the password to the wifi where I was, so I was able to access my e-mail on my phone and regain access to services while I was out of town.

Anyway, here's an article about how the Lastpass Disclosure Shows Why We Can't Have Nice Things.