Feb 17, 2014

Kickstarter CEO Recommends LastPass After Hack

In the wake of a hack that appears to have affected customer data, Kickstarter CEO Yancey Strickler has strongly recommended that users not only change their Kickstarter account password, and update passwords for any other accounts using the same one, but also start using a password manager like LastPass for help with password security.

In a blog post published Saturday, February 15th, Strickler announced that hackers had obtained unauthorized access to Kickstarter, the popular crowdfunding platform. Kickstarter was contacted by law enforcement officials on Wednesday night, alerting them to the hack, and they subsequently locked down the service and sent an email to the user base notifying them of the incident.

No credit card data was known to be affected, but other customer information was: usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords. Even though passwords were in an encrypted format, someone with enough computing power could try to guess and crack those passwords; weak and obvious passwords are most at-risk.

We applaud Kickstarter on taking the opportunity to mention how password managers can help customers recover from the hack. If any customers are using the same or similar passwords on other accounts, they should not only update their password on Kickstarter, but also log into other accounts and update their passwords there, too. LastPass can of course help manage this process.

For Kickstarter customers already using LastPass, you can go to the “Tools” menu of the LastPass icon and run the Security Challenge, which will tell you if you’re using your Kickstarter password elsewhere, and if you have any other weak or duplicate passwords that you should start changing.

You can help spread the word by recommending LastPass to friends and family (and earn Premium credit in the process!): https://lastpass.com/friendemail.php

For more tips on increasing your online security with LastPass, check out these other posts:

Your 3 Tasks for National Change Your Password Day
Start 2014 Right with These Security To-Do’s
Cybersecurity Tips for College Students (or anyone, really)

LastPass Updated with Performance Improvements

A LastPass update for all browsers is available. For most users, updates should go through automatically, though they can also be found on our downloads page here: https://lastpass.com/download

In the wake of our launch of LastPass 3.0, we’ve been working to make things faster and more powerful. Today’s release includes a number of bug fixes, performance enhancements, and fine-tuning of the product. For a full list of noted fixes and changes please see our release notes.

In addition, LastPass Premium users will enjoy some new features. On Android, the LastPass Premium app now supports the LastPass Security Challenge:

If you haven’t used this feature via the Tools menu of the desktop extension, the LastPass Security Challenge gives you a comprehensive overview of the data stored in your vault. The results identify all of your weak and duplicate passwords, and even alert you if your email address may have been involved in a breach, like Adobe’s in 2013. Now this great tool is at your fingertips!

Our Windows Phone users can also enjoy more multifactor authentication options with the LastPass mobile app, including Duo, Toopher, and Transakt by Entersekt.

We've got more changes in the works, so stay tuned!