Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
philistine
on Dec 24, 2022
|
parent
|
context
|
favorite
| on:
The situation at LastPass may be worse than they a...
Perhaps the crypto passwords were stored in the unencrypted URL field, or could be understood from data in there.
https://twitter.com/SwiftOnSecurity/status/16060717986671738...
LilBytes
on Dec 24, 2022
[–]
Seems very likely, it's now known (maybe always was) that metadata fields aren't encrypted. If Twitter poster added those keys to a 'metadata field's then they were clear text.
LastPass has a LOT to answer for.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
https://twitter.com/SwiftOnSecurity/status/16060717986671738...