This isn’t the first has had to fix critical security flaws. In March of this year, the company had to fix some server-side issues and its extensions. If you use LastPass on now, though, you’ll want to your to the latest version. If your phone was stolen or lost and you need to re-enable the multi-factor authentication feature, LastPass has a list of recommended steps.

Ultimately, this exploit helped clue the company in that its response process needs an overhaul, as well. The original developer was unable to successfully notify the company about the exploit, which is why he used Medium. LastPass has since revamped it’s procedures for reporting issues like this. “At LastPass, investigating and responding to reports – and customer concerns in general – is our highest priority and we strive to always improve our internal processes,” said the company in a statement.

Source link


Please enter your comment!
Please enter your name here