The popular password manager app LastPass just admitted to being hacked, and security experts are responding.
The question at hand is: Does this mean that password managers are just as hackable as any other security program?
This is as especially important question because historically most security experts believed password managers — like LastPass — to be the safest way for people to maintain their online identities.
Now experts aren’t so sure, and some are squaring off on forums like Twitter.
Here’s a rundown of some of the debates underway:
Digital culture expert Elizabeth Stark took issue with the practice of storing user passwords in a centralized place, such as LastPass' servers (although it should be noted that this collection of data is encrypted, meaning it is highly unlikely it will be breached):
Reason # 23083493483 why centralized user data storage is broken. @onename@muneeb@ryaneshea
— elizabeth stark (@starkness) June 15, 2015The ACLU’s principal technologist Christopher Soghoian responded in kind:
@starkness Wrong lesson. Right lesson: password reminders are a bad idea.
— Christopher Soghoian (@csoghoian) June 15, 2015Here, Soghoian is saying that plain-text reminders that logically lead people to remembering their passwords ae more hackable and problematic than password managers as a whole.
CNNMoney’s Jose Pagliery disagrees:
@csoghoian@starkness@kragen No, I disagree. There's not a single lesson here. Password managers are not smart.
— Jose Pagliery (@Jose_Pagliery) June 15, 2015
Since folks have asked, I use 1Pass but not the cloud sync. Here are the 1P internal specs:https://t.co/t7fWkJUONEhttps://t.co/4bmvTjPRYt
— Kenn White (@kennwhite) June 15, 2015
maybe let your readers know of better alternatives like keepassx instead of shaming them https://t.co/zyHthQ7Rgh
— Jillian C. York (@jilliancyork) June 15, 2015Join the conversation about this story »
NOW WATCH: Here's what happens when you drop an Apple Watch face down on cement