
If you are a long-time LastPass customer, you may be screwed!

In my previous article, I wrote about exercising your own judgement on how easy it would be to brute-force your LastPass master password.

In today’s article, I have more bad news for you.

Users digging into their own account settings have discovered an undisclosed lapse on LastPass's part that makes it far easier for an attacker to crack your password vault. You may be one of those who needs to take action immediately!

Password-Based Key Derivation Function (PBKDF2)

Before I can explain LastPass's negligence, I have to explain what a password-based key derivation function is. LastPass uses a standard one, PBKDF2 with SHA-256.

As we know, the security of your password vault depends on the secrecy of your master password. That is because your master password is indirectly used to encrypt your password vault stored on LastPass's servers, and copies of those encrypted vaults are now in attackers' hands. If attackers do not know your master password, they cannot decrypt your password vault.

Your master password is never used directly to encrypt your password vault. Instead, the cryptographic key that encrypts your vault is derived from your master password by putting it through a mathematical function that produces a "hash" of it. This hashing function is one-way: you cannot mathematically work back from the hash to the master password. It is also extremely sensitive to its input: changing a single character of your master password produces a completely different hash.

The only way to recover the master password behind a given hash is to feed candidate passwords through the hashing function, one after another, until one of them produces the same hash. The candidate that matches is your master password. This is the brute-force method of password cracking, and in practice attackers start with dictionaries of common passwords and leaked passwords rather than with every possible string.

Note: Actually, it is a bit more complicated. The input is not only your master password. The function also takes a "salt", which in LastPass's case is your username (your email address), so that two users with the same master password still get different keys and an attacker must crack each account separately.

Slowing down brute-force password cracking

To slow down brute-force password cracking, the first hash of your master password is not used as the cryptographic key. Instead, it is fed back into the hashing function to produce another hash, which is itself fed back in to produce yet another hash, and so on. The number of times this is repeated is called the "iteration count". The final output is used as the key that encrypts your vault. The cost of each guess rises in proportion to the iteration count, for you (once, at login) and for the attacker (once per guess). Note that this derivation happens on your own device; the encryption key itself is never sent to LastPass.

LastPass’s iteration count

LastPass set the most recent default iteration count to 100,100. Relative to a single iteration, that slows down brute-force password cracking by a factor of 100,100. That is still not generous: at the time of the breach, OWASP's guidance for PBKDF2 with SHA-256 was already 310,000 iterations. And the iteration count only multiplies the attacker's cost; it does not rescue a weak master password.
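The following is an added example, written for this article and not LastPass's own code, that models the scheme described above: PBKDF2-HMAC-SHA256 keyed from the master password, salted with the lowercased username (an assumption about LastPass's exact salt handling), iterated N times. It shows the attacker's loop, and how the same five guesses cost more as the iteration count climbs from 1 to 100,100. All usernames, passwords and cracking rates in it are constructed for the demo.

```python
import hashlib
import hmac
import time


def derive_vault_key(master_password: str, username: str, iterations: int) -> bytes:
    """Toy model of the LastPass key derivation (not LastPass code):
    PBKDF2-HMAC-SHA256, salted with the username, N iterations, 32-byte key.
    The AES encryption of the vault with this key is not modelled."""
    if iterations < 1:
        raise ValueError("iteration count must be at least 1")
    return hashlib.pbkdf2_hmac(
        "sha256",
        master_password.encode("utf-8"),
        username.lower().encode("utf-8"),  # assumed: lowercased email as salt
        iterations,
        dklen=32,
    )


def brute_force(target_key: bytes, username: str, iterations: int, candidates):
    """The attacker's loop: derive a key for each candidate password and compare
    it with the key recovered from a stolen vault. Returns the matching
    password, or None. Cost grows linearly with candidates * iterations."""
    for candidate in candidates:
        derived = derive_vault_key(candidate, username, iterations)
        if hmac.compare_digest(derived, target_key):
            return candidate
    return None


def estimate_crack_seconds(iterations: int, keyspace: int, guesses_per_second_at_one_iteration: float) -> float:
    """Worst-case seconds to exhaust a keyspace with a cracker that manages the
    given rate at iteration count 1 (a constructed figure, not a benchmark).
    Raising the iteration count scales this time up by the same factor."""
    return keyspace * iterations / guesses_per_second_at_one_iteration


# Constructed demo data; no real account is involved.
USERNAME = "alice@example.com"
MASTER = "correct horse"
WORDLIST = ["password", "letmein", "hunter2", "correct horse", "Tr0ub4dor&3"]

if __name__ == "__main__":
    # Same wordlist, same victim: only the iteration count changes.
    for iters in (1, 500, 5000, 100_100):
        stolen_key = derive_vault_key(MASTER, USERNAME, iters)
        start = time.perf_counter()
        found = brute_force(stolen_key, USERNAME, iters, WORDLIST)
        elapsed = time.perf_counter() - start
        print(f"iterations={iters:>7}: recovered {found!r} after {elapsed:.4f}s "
              f"for {len(WORDLIST)} guesses")

    # Scale the same observation to a hypothetical rig doing 1e9 guesses/s at 1 iteration.
    for iters in (1, 100_100):
        hours = estimate_crack_seconds(iters, 10**10, 1e9) / 3600
        print(f"iterations={iters:>7}: 10^10 guesses take {hours:.2f} hours")
```

Run it and compare the wall-clock lines: the five guesses at iteration count 1 finish in microseconds, while the same five at 100,100 take a visible fraction of a second, which is the whole point of the setting. The `estimate_crack_seconds` figures are the same ratio applied to a keyspace too large to loop over here.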

What is LastPass’s negligence?

Despite LastPass's statements that the default iteration count is 100,100, many users who checked their own account settings found their iteration count set to 1 (ONE)!

What happened was that back in 2008, the iteration count was set to 1 (ONE) for all of their users. That was weak even then (PBKDF2's own specification had recommended at least 1,000 iterations since 2000), but cracking hardware was far slower. Over the years, to keep up with advances in password-cracking technology, LastPass progressively raised the default: to 500, then to 5,000, and most recently to 100,100.

The problem is that LastPass neglected to raise the iteration count of existing users retrospectively. So, many users who looked found their iteration count still stuck at whatever the default was when they first signed up. For many loyal long-time users, that means it was still stuck at 1!

LastPass is negligent because they could easily have upgraded all existing users' iteration counts as the years went by. The next time a user logged in and entered their master password, the client on their own device could have derived a fresh key with the higher iteration count and re-encrypted the vault with it, all without LastPass ever seeing the master password.

But they did not do it.

How fast can your master password be cracked, and how can you find out whether you need to act now?

So, if you are the unlucky user whose iteration count is set to 1, how fast can attackers discover your master password? What if your iteration count is set to 500? 5,000? You will be shocked by the numbers I am about to give you!

Two things you can check and do yourself right away: your own count is shown in the LastPass web vault under Account Settings > Advanced Settings > Password Iterations, and raising it there re-encrypts your vault with the stronger key. Be clear about what that does and does not fix, though. The stolen copies of your vault were encrypted with the old, low count, and nothing you change now alters them. If your count was low, assume the vault can be cracked, change your master password, and change the passwords stored inside it, starting with email, banking and anything that can reset other accounts.
