Popular password management service LastPass informed its users Monday that it had detected and blocked "suspicious activity" on its networks on Friday. LastPass works as an app or browser extension that keeps track of passwords for you, requiring only one "master password" to be remembered in order to access the rest. In a blog post, the company assured users that their passwords are completely safe, but that emails associated with accounts, and hints for their "master password" were swiped by the attackers.
Related: Second Cyberattack on U.S. May Have Exposed Security Information
"We are confident that our encryption measures are sufficient to protect the vast majority of users," wrote CEO Joe Siegrist in the post. "Nonetheless, we are taking additional measures to ensure that your data remains secure."
Anyone logging in from a new device or IP will be asked to check in via email or some other form of multi-factor authentication. And if you had a weak master password, you should probably change it, especially if your hint was "first dog's name" or something likewise revealing.
Related: Federal Data Breach: Can the Government Protect Itself From Hackers?
