top | item 34105686

(no title)

bb101 | 3 years ago

Field 6 "sharedfromaid": "aid of the sharer's Site/Secure Note" is unencrypted. The hackers will be able to infer relationships between Lastpass users.

Field 10: "genpw": "Is an auto-saved generated password". Good for deciding whether to brute force or not.

Yikes. I can't imagine why anyone would trust Lastpass after this.

discuss

wlonkly|3 years ago

Last password change date is a good way to figure out if a password is in a known breach dump, too.