26th April 2017 by John E Dunn
Recently we’ve been writing about LastPass more than seems healthy.
March saw two rounds of serious flaws made public by Google’s Tavis Ormandy (quickly fixed), which seemed like a lot for a single week. Days ago, news emerged of a new issue (also fixed) in the company’s two-factor/two-step authentication (2FA) security.
To coin a phrase, all serious flaws are serious – but some are more serious than others.
This one matters for two reasons, only one of which will sound flippant: it wasn’t discovered by Tavis Ormandy, who at times has seemed to be writing a novella on flaw-hunting with the company’s name on it. That’s fine – researching vulnerabilities is his day job, after all.
Another researcher with a taste for LastPass, researcher Martin Vigo, uncovered the latest issue, and it’s the 2FA bit of the story that explains the angst.
Full Article
Take a look at the best antivirus, anti-malware, anti-spy, etc. software
Powered by WPeMatico