The LastPass Hack Shows Your Password Manager is Less Secure Than You Think. Web3 Has the Solution.

February 13, 2023

The numerous security breaches that took place at password-manager giant LastPass in 2022 have caused serious concern among millions of customers -- and raised important questions about the wisdom of storing important information within web2 password managers.

LastPass dropped a bombshell in November when it announced that cybercriminals had stolen customers’ encrypted password vaults in a data breach.

The firm, which stores private data and sells itself on “top-tier security measures,” says hackers entered the company’s systems and looted users’ information including passwords and usernames, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service.

After an investigation, LastPass later admitted that an attacker was able to “access and decrypt some storage volumes” after accessing a cloud-based storage environment.

The company has tried convincing customers that their login information is safe. Security experts disagree. An article by security researcher Wladimir Palant criticizes the company for lack of transparency. He points out the company has long-ignored calls to encrypt data such as URLs, meaning it is now difficult to trust the firm going forward.

There are numerous security issues with cloud-based password managers such as LastPass. One of the most significant issues is where users’ encryption keys are stored and how well the firm secures this environment. 

With centralized storage, these decisions are out of the users’ hands, meaning you cannot ever ensure the security of your data. At ShareRing, we want to put people back in control of their data by removing centralized storage from the equation. 

Do I need a password manager?

In a word -- yes. The number of passwords we need to utilize and call upon is constantly increasing. At the same time, the number of threat actors trying to hack into your accounts is also growing. In other words: “123456” and “password” (the two most common passwords on the internet) don’t cut it anymore. 

Password managers help store your passwords securely, so you don’t need to remember them. It also means you can maintain extremely strong and unique passwords for every login you need to authenticate. This is convenient and makes your online presence far less vulnerable to attacks. The problem is choosing a password manager that you can trust.

ShareRing’s Password Manager -- a new feature inside Vault

ShareRing has an upcoming new feature in the ShareRing Vault that lets you store your usernames and passwords without risk. 

Crucially, our new Password Manager works across web2 and web3 applications while leveraging decentralized storage to keep your information 100% secure. 

Unlike web2 solutions like LastPass, where data is stored in the cloud, the ShareRing Password Manager cannot be compromised by cybercriminals. Your data is encrypted against your ShareRing Vault private key -- never stored in the cloud -- meaning you are the only person who can ever access it. 

To use ShareRing Password Manager, click on the web extension while using a web browser. The extension will activate and display a QR code. Scan the code to extract the password and username from your Vault, and authenticate your login. 

ShareRing Password Manager is now in alpha release. Visit our beta test website, scan the QR code and sign up to explore other ShareRing products in development.

From the ShareRing Blog

Keep reading

See all articles
Read this article
Read this article
Read this article
Read this article
Read this article
Read this article
Read this article
Read this article
Get Started with ShareRing

Secure your digital future

Galaxy Store Logo
Download for iOS