1. LastPass is now enforcing longer master passwords to improve security.

2. This change is a PR stunt that won't help users affected by the 2022 breach.

3. LastPass failed to upgrade older customers to more secure encryption protections.

4. Increasing the number of iterations can make it harder for attackers to crack master passwords.

5. LastPass users with weak master passwords and lower iterations are more vulnerable to offline attacks.

6. LastPass blames users for not using longer passphrases, but experts say it's the company's fault.

7. LastPass is not recommending users to change all passwords secured by the stolen master password.

8. LastPass has a history of weak defaults and is not recommended by some experts.

9. LastPass's actions won't help those affected by the breach, but may improve security in the future.

Hashtags: #LastPass #PasswordSecurity #DataBreach #Cybersecurity #Encryption #OnlineVaults #UserProtection #PRStunt #MasterPassword #SecurityImprovements

https://krebsonsecurity.com/2023/09/lastpass-horse-gone-barn-bolted-is-strong-password/