Millions of LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations.
“Someone just used your master password to try to log in to your account from a device or location we didn’t recognize,” the login alerts warn.
At the moment, it is not clear whether LastPass has been compromised or whether this breach is a result of a credential stuffing attempt but for now, please follow these steps to protect yourself:
- Change your master password and make sure your new password is at least ten characters long and contains an upper case, lower case, number, and a symbol. You can even use a modified phrase or a line from a song if that helps you remember.
- Make sure you do not use the same password twice, as this leaves you vulnerable to credential stuffing.
- Check out Incognito’s Email Hack Check tool. All you have to do is enter your email address, and we will tell you instantly if it has been involved in one of the many data breaches that happen every day.
Let me know if you need any help.
All the best,
Incognito Privacy Care