软餐获悉,LastPass 现在要求客户设置至少 12 个字符的主密码。密码长度不够的用户将被要求重新设置长密码。这是自 2022 年 LastPass 遭黑客攻击事件后的安全防范措施。当时 LastPass 对现有账户未作这一强制要求,但现在这项要求适用于全体用户。LastPass 用户将来未来几天收到要求修改密码的通知邮件。LastPass 还将把用户新设置的密码与已知泄露密码数据进行比对,存在风险的用户需要再次修改密码。
2022 年底发生的黑客攻击事件中,LastPass 用户的用户名和密码数据被盗,由于这些数据都是加密的,且只有使用主密码才能解密数据,主密码并未由 LastPass 存储,因此这次事件似乎并未导致严重后果。
LastPass now requires customers to set a master password of at least 12 characters. Users with passwords that are not long enough will be prompted to reset to a longer password. This is a security measure implemented after the hacking incident that occurred in 2022, which affected LastPass. At that time, LastPass did not enforce this requirement for existing accounts, but now it applies to all users. LastPass users will receive notification emails in the coming days requesting them to change their passwords. LastPass will also compare the newly set passwords with known leaked password data, and users at risk will need to modify their passwords.
During the hacking incident that took place at the end of 2022, LastPass user usernames and password data were stolen. However, since this data was encrypted and could only be decrypted using the master password, which LastPass does not store, the incident does not seem to have resulted in serious consequences.
微信扫一扫