So, which of the lengthy list of two part authentication methods do people recommend?
I have little experience but would like something that won’t hit me up for every login, only if something changes (unfamiliar device, remote IP).
I don’t have cell service at home, so having to use the phone to authenticate every time is going to be an issue. Unless that authentication also works over wifi under iOS?
> On Jun 16, 2015, at 8:12 AM, Geoffrey Duke <[log in to unmask]> wrote:
> Analysis from Ars Technica:
> Hack of cloud-based LastPass exposes hashed master passwords
> Users: Change your master password and enable 2-factor authentication immediately.
> ... Ars resident password expert Jeremi Gosney said the real-world risks the breach posed to end users was minimal. He based his assessment on the LastPass response to the breach and the system that was in place when it happened.
> Full article: http://arstechnica.com/security/2015/06/hack-of-cloud-based-lastpass-exposes-encrypted-master-passwords/
>> -----Original Message-----
>> From: Technology Discussion at UVM [mailto:[log in to unmask]] On
>> Behalf Of Jacob Beauregard
>> Sent: Monday, June 15, 2015 7:07 PM
>> To: [log in to unmask]
>> Subject: LastPass was breached
>> "We want to notify our community that on Friday, our team discovered and
>> blocked suspicious activity on our network. In our investigation, we
>> have found no evidence that encrypted user vault data was taken, nor
>> that LastPass user accounts were accessed. The investigation has shown,
>> however, that LastPass account email addresses, password reminders,
>> server per user salts, and authentication hashes were compromised."
CAS IT Administrator
UVM, College of Arts & Sciences
[log in to unmask]
To submit a request for service please use: