Steve Gibson · @SGgrc

5th May 2011 from Twitlonger

Regarding LastPass's cautionary approach...

Everyone should take a deep breath and not hyperventilate about LastPass's possible database breach notification. LastPass is being ULTRA CAUTIOUS, which is what we all want.

The reason I have endorsed the LastPass system in the first place, after researching it thoroughly, is that EVEN THEY CAN'T DECRYPT the stuff we entrust them with. That means that even if someone got something from their database, it could not be readily used. (Not even our increasingly nosy governments, under court order.)

So, if that's true, what's the concern?

The concern is that if someone got EVERYTHING for one or more particular users, where "everything" means their account's hash and their hash salt ~ which LastPass DOES need to store for us in order to authenticate our logon ~ then such an attacker could theoretically mount an offline brute force attack against that/those users by repetitively trying every possible passphrase, hashing it with the user's unique salt, to see whether they can get the same resulting hash. If they could do that, then they would have discovered (the hard way) the user's passphrase, allowing the attacker to impersonate that user to LastPass, logging on as the user and obtaining their site & password collection.

... Except that LastPass is now blocking ANY logon using the "old" password from ANY mobile device and and ANY IP other than one that the user has recently used. Which completely defeats the bad guys even if they were finally discover the user's old password.

LastPass is also doing the one thing they need to, to make even the "brute forcing" attack infeasible: They are adding "password strengthening" which will require 100,000 hashing iterations PER PASSPHRASE GUESS, making any future brute force cracking effectively impossible.

(And remember, they're not even sure that anything was obtained. They mostly just saw some traffic volume that they couldn't account for, so they are being VERY cautious.)

I have changed my LastPass passcode (it was and will be a multi-symbol nightmare using upper and lowercase alpha, digits and symbols) because there's no reason NOT to err on the side of caution.

But I am every bit as happy and confident about my recommendation of LastPass today as I was yesterday. They are maturing their already secure system, making it more and more bulletproof and safer for us to use and trust.


Reply · Report Post