Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.
One of the biggest password security apps was just hacked and here's how privacy experts are reacting
One of the biggest password security apps was just hacked and here's how privacy experts are reacting
Cale Guthrie WeissmanJun 16, 2015, 04:18 IST
The popular password manager app LastPass just admitted to being hacked, and security experts are responding.The question at hand is: Does this mean that password managers are just as hackable as any other security program?This is as especially important question because historically most security experts believed password managers - like LastPass - to be the safest way for people to maintain their online identities.Now experts aren't so sure, and some are squaring off on forums like Twitter.Here's a rundown of some of the debates underway:Digital culture expert Elizabeth Stark took issue with the practice of storing user passwords in a centralized place, such as LastPass' servers (although it should be noted that this collection of data is encrypted, meaning it is highly unlikely it will be breached):The ACLU's principal technologist Christopher Soghoian responded in kind:Here, Soghoian is saying that plain-text reminders that logically lead people to remembering their passwords ae more hackable and problematic than password managers as a whole. CNNMoney's Jose Pagliery disagrees:But perhaps the most vexing issue at the core of this debate is: What is to be done? Does this mean that nothing is safe?While no consensus was drawn, experts generally believe that not having a central repository of this data is best. Even better, some say, is storing this sort of encrypted password data locally. Here are tweets from noted privacy experts Kenn White and Jillian York with a few recommendations:The general tenor is that this LastPass breach isn't good, and even those who follow the most stringent practices don't agree on the effect this could have.But, in the end, there are a few things to learn from this saga.
