On June 15th, the popular password management company LastPass announced a major security breach in its systems. The company admitted that most of its user email addresses, password reminders, server per-user salts, and authentication hashes had been breached.
However, there’s no reason to panic. A lot of blogs seem to have misinterpreted the situation by exaggerating the security breach. Rest assured that your data, including your master password, is safe, as LastPass confirmed in a new update on June 16th.
There’s No Need to Worry
LastPass hashes your password thousands of times locally and then again 100,000 times before storing it server-side. According to password security expert Jeremi Gosney, not even the most powerful password-cracking GPU would be able to crack a password hashed that strongly. That means that even if your password was 12345678, it’s completely safe from the hackers.
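The two-stage hashing described above, as an added sketch that is not LastPass's code: PBKDF2-HMAC-SHA256, the 5,000 local rounds, the email as client-side salt and the 16-byte server salt are assumptions, while the 100,000 server rounds and per-user salts come from the article. It shows that the same master password yields a different stored hash for every user, and lets you measure what one check costs on your own machine.

```python
import hashlib
import hmac
import os
import time

CLIENT_ROUNDS = 5_000      # assumption: the article only says "thousands" of local rounds
SERVER_ROUNDS = 100_000    # figure given in the article


def client_hash(master_password: str, email: str, rounds: int = CLIENT_ROUNDS) -> bytes:
    """Local stretching on the user's device, so the server never sees the password."""
    # Assumption: the normalised account email serves as the client-side salt.
    salt = email.strip().lower().encode()
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, rounds)


def server_record(auth_hash: bytes, rounds: int = SERVER_ROUNDS) -> tuple:
    """Server-side stretching with a fresh random per-user salt; returns (salt, stored)."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", auth_hash, salt, rounds)


def verify(auth_hash: bytes, salt: bytes, stored: bytes, rounds: int = SERVER_ROUNDS) -> bool:
    """Recompute with the stored per-user salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", auth_hash, salt, rounds)
    return hmac.compare_digest(candidate, stored)


def seconds_per_check(master_password: str = "constructed-sample", email: str = "user@example.com") -> float:
    """Wall-clock cost of one full client + server derivation on this machine."""
    start = time.perf_counter()
    server_record(client_hash(master_password, email))
    return time.perf_counter() - start


if __name__ == "__main__":
    # Constructed sample accounts: two users who picked the same master password.
    a = client_hash("correct horse battery staple", "alice@example.com")
    b = client_hash("correct horse battery staple", "bob@example.com")
    salt_a, stored_a = server_record(a)
    salt_b, stored_b = server_record(b)
    print("same password, same stored hash?", stored_a == stored_b)
    print("alice logs in:", verify(a, salt_a, stored_a))
    print("wrong password:", verify(client_hash("wrong", "alice@example.com"), salt_a, stored_a))
    print(f"one derivation costs {seconds_per_check():.3f}s here")
```
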
The security firm also confirmed that there was no breach in its encrypted user vaults. So, your secure notes, site usernames, form-fill data and passwords are safe from hackers.
What to Do Now
There’s no need to change your master password. It’s perfectly secure. But if it helps you feel safe, you can go ahead and change your LastPass master password. If you’ve used any of the passwords on other websites, change them as well, just to be on the safe side.
Be extremely careful when changing the master password. One small typo could lock you out of all your passwords.
To add an extra layer of protection, you can also enable LastPass multifactor authentication. LastPass doesn’t have built-in multifactor authentication, so you’ll have to set it up using a third-party service. Google offers the service for free.
[ Via: LastPass Blog / Ars Technica ]
Follow @nrjperera – Roshan Jerad Perera