"LastPass Mandates 12-Character Minimum for Master Passwords Post-Security Update"
LastPass is enforcing a new security measure requiring all users to have a master password of at least 12 characters. This change, effective from April 2023 for new accounts and password resets, now extends to all accounts to enhance security following two breaches in 2022. The company will also check new or updated master passwords against a database of credentials leaked on the dark web. Additionally, LastPass faced issues with a forced multi-factor authentication re-enrollment process in May 2023. These security updates come after LastPass experienced significant breaches in 2022, which led to the theft of source code and customer vault data, and were later linked to a cryptocurrency theft totaling $4.4 million. LastPass is widely used, with over 33 million individual users and 100,000 businesses.
- LastPass now requires 12-character master passwords for better security BleepingComputer
- LastPass will finally enforce a 12-character minimum master password The Verge
- LastPass Starts Requiring 12-Character Master Passcodes for All Accounts PCMag
- LastPass Updates Master Passwords Following Security Breaches How-To Geek
- LastPass prompting users to set a stronger master password after major security incident 9to5Mac
Reading Insights
0
1
2 min
vs 3 min read
78%
570 → 126 words
Want the full story? Read the original article
Read on BleepingComputer