You are here: Blog Josh Coppage Think Microsoft Will Extend Windows 10 Support? Think Again

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Considering LastPass’ Breach, Should Password Managers Be Trusted?

Voyage Technology Blog Security
0 Comments
Considering LastPass’ Breach, Should Password Managers Be Trusted?

It’s been about a month since LastPass—one of the most well-known and popular password managers out there—suffered a security breach where attackers managed to worm their way into the systems where LastPass stored its source code. Let’s review the situation, and what your response should be.

First, let’s go over what we know.

LastPass Lost Their Intellectual Property, Not Customer or Employee Data

According to the password manager’s report, no customer or employee data was successfully accessed, with those responsible instead only gaining access to the password manager’s proprietary source code. We say “only” because many pieces of proprietary software these days use many, many open source components, all of which need to be documented even if some modifications were made.

So, while LastPass’ source code could be helpful to a prospective attacker, it isn’t going to be their magic bullet to get in.

This is also why open-source projects—where source code is openly shared so it can be examined and improved upon—are able to exist. Many of these open source projects have received security updates for vulnerabilities that went unnoticed, despite all eyes having access to the code.

Furthermore, a Decent Password Manager is Effectively Useless to Break Into

To explain this, let’s pretend that your password manager is like a giant bank. You go to the bank and deposit your money—your passwords and other credentials—into their vault for safekeeping.

The fear is that, should someone manage to break into the bank and access the vault, all of your money is there for the taking. This would be the case if your password manager was just storing the passwords you provided on their own servers. However, that isn’t how a reputable password manager functions.

To return to our bank analogy, the vault is really only filled with safety deposit boxes that are brought to you when you need to access them. You have your master key (the password to the vault) along with another, secondary form of identity authentication to provide that is generated on the spot, and required to access your safety deposit box.

Notice that the bank doesn’t have the key to your vault, meaning that they actually can’t allow someone else to access your safety deposit box, whether that someone is a criminal or a member of law enforcement.

This is how a password manager works: rather than storing your passwords, encrypted versions of your passwords are stored—and, with you being the only one with the password to your other passwords, the password manager can’t decrypt them on its own.

So Yes, It is Still a Good Idea to Use a Password Manager…

…and for a few reasons, too.

  • A decent password manager helps reinforce password best practices, in that it condenses the tens and dozens of passwords you should be remembering into a single password that is supported by multi-factor authentication. It’s no secret that many people shrug off the best practice of using a unique password for each account. Because the password manager stores them for you, you only need to remember the one password that gives you access to your password storage.

  • A decent password manager can help you come up with better passwords, preventing you from using recognizable patterns. I want you to do me a favor and think of a completely random password. Now, consider that password and see if you included any personal details or other information that could be associated with you. Did you stick to a pattern that you’ve used in your other passwords? A password manager can help you avoid these habits by generating longer, more complex passwords on your behalf.

  • A decent password manager will stop you from recycling passwords. Let’s say that a website you have an account on is hacked, and your login credentials are exposed in the data breach. If you’ve used the same login credentials elsewhere, that’s another however-many accounts that have been compromised. A password manager removes the temptation to use the same password everywhere, because it makes it easier for you to switch them up.

  • A decent password manager will help protect you from phishing sites. You and your password manager see websites differently, so while you may see Facebook or a Gmail login page, your password manager won’t, and will prompt you to not put in your credentials.

Make No Mistake, the LastPass Hack Isn’t Good News…

…but it also isn’t nearly as bad as it could have been. Voyage Technology is here to help you make sure that your security is as established as possible, protecting you from issues, threats, and attacks—including through the use of a reliable password manager. Give us a call at 800.618.9844 to find out what we offer to businesses.

Tweet
Tags:
Data Security Passwords
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 25 April 2025

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Business Computing Data Productivity Business Software Innovation Hackers Cloud Network Security User Tips Hardware Internet Efficiency IT Support Malware Privacy Google Email Workplace Tips Phishing Computer IT Services Hosted Solutions Users Collaboration Mobile Device Ransomware Workplace Strategy Quick Tips Small Business Cybersecurity Microsoft Passwords Communication Data Backup Smartphone Backup Saving Money Business Management Smartphones Android VoIP communications Mobile Devices Managed Service Upgrade Disaster Recovery Browser Data Recovery Social Media Managed IT Services Microsoft Office Windows Network Remote Tech Term Internet of Things Current Events Facebook Productivity Automation Artificial Intelligence Covid-19 Cloud Computing Gadgets AI Remote Work Miscellaneous Server Managed Service Provider Information Holiday Outsourced IT Encryption Employee/Employer Relationship Spam Windows 10 Office Compliance Government Training Business Continuity Data Management Blockchain Virtualization Wi-Fi Business Technology Bandwidth Windows 10 Data Security Apps Two-factor Authentication Mobile Office App BYOD Vendor Employer-Employee Relationship Managed Services Voice over Internet Protocol Chrome Budget Mobile Device Management Apple Networking Gmail BDR WiFi Computing Applications Information Technology Access Control Office 365 Hacker IT Support Tip of the week Avoiding Downtime Conferencing Marketing How To Big Data Operating System HIPAA Router Virtual Private Network Risk Management Health Computers Help Desk Analytics Office Tips Augmented Reality Healthcare Website Retail Storage Password Bring Your Own Device Managed IT Services Going Green Patch Management Solutions The Internet of Things Save Money Remote Monitoring Vulnerability End of Support Social Vendor Management Cybercrime Physical Security Windows 11 Display Printer 2FA Paperless Office Customer Service Infrastructure Excel Monitoring Remote Workers Document Management Telephone Scam Free Resource Project Management Data loss Windows 7 Firewall Cooperation Microsoft 365 Safety Telephone System Robot Cost Management Settings Employees Printing Integration Wireless Content Filtering IT Management VPN YouTube Meetings Holidays Cryptocurrency User Tip Modem Customer Relationship Management Data Storage Processor Computer Repair Mobile Security Supply Chain Virtual Desktop Video Conferencing Hacking Data storage Managed Services Provider LiFi Presentation Virtual Machines Professional Services Smart Technology Outlook Machine Learning Wireless Technology Money Saving Time Humor iPhone Managed IT Service Maintenance Vulnerabilities Sports Downloads Word Antivirus Mouse Data Privacy Licensing Images 101 Entertainment Administration Multi-Factor Authentication Mobility Remote Working Legal Data Analysis Memory Vendors IT solutions Star Wars How To Microsoft Excel Undo Data Breach Business Growth Gamification Google Play Be Proactive Notifications Staff Workforce Travel Social Networking Legislation Videos Electronic Health Records Techology Fileless Malware Wasting Time Threats Google Maps Cortana Wearable Technology Trend Micro Alt Codes Content Security Cameras Workplace Strategies Health IT Meta Downtime Unified Threat Management Motherboard Comparison Software as a Service Application Unified Threat Management Directions Managing Costs Amazon Hosted Solution Assessment Permissions eCommerce Typing SSID Virtual Assistant Outsource IT Network Congestion Specifications IBM Surveillance Google Drive User Error Microchip Virtual Machine Environment Internet Exlporer Media Knowledge Fraud Reviews Username Medical IT Transportation Small Businesses Point of Sale 5G Black Friday Development Google Docs Hypervisor Displays Unified Communications Database Experience Running Cable Tech Support IT Technicians Competition Shopping Optimization Bitcoin Network Management PowerPoint Google Wallet Proxy Server Employer/Employee Relationships Outsourcing Cookies Monitors Cyber Monday PCI DSS Tactics Navigation Hotspot Laptop Websites Mirgation Gig Economy Windows 8 Workplace Drones Teamwork Hiring/Firing Nanotechnology User Internet Service Provider Regulations Compliance SharePoint Addiction Evernote Paperless Electronic Medical Records Language Halloween Chatbots Memes Management Co-managed IT Net Neutrality Lenovo SQL Server Technology Care Screen Reader Writing Distributed Denial of Service IP Address Financial Data History Service Level Agreement Business Communications Virtual Reality Computing Infrastructure Scams Scary Stories Private Cloud Identity Smartwatch IT Hacks Server Management Procurement Superfish Bookmark Azure Hybrid Work Identity Theft Smart Tech Fun Recovery Hard Drives Telework Cyber security Deep Learning Download Tech Human Resources Twitter Alerts Cables Error Domains CES Communitications Supply Chain Management Browsers Education Connectivity Social Engineering Break Fix Refrigeration FinTech Upload Term Google Apps Remote Computing IT Maintenance Multi-Factor Security Public Speaking IT Assessment Mobile Computing Social Network Flexibility Value Business Intelligence Tablet IoT Search Dark Web Lithium-ion battery Organization Entrepreneur Best Practice Trends Shortcuts Alert Ransmoware Buisness File Sharing Regulations Dark Data Google Calendar Digital Security Cameras Smart Devices Managed IT Customer Resource management

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015