Cloud-Based Password Manager LastPass Hacked

Password managers are a very attractive target for hackers
Technology • Views: 58,453
Image via Shutterstock

One of the most popular password managers, LastPass, announced today that their network has been compromised.

In a blog post at their website, CEO Joe Siegrist stated they have no evidence encrypted user vaults were stolen, or that any user accounts were accessed. However, the attackers did manage to grab account email addresses, password reminders, and authentication hashes and salts — so this is potentially quite serious, especially for people who didn’t use strong master passwords.

The possibility of an attack like this is one big reason why I prefer to use 1Password as my own password management system, with the password vault only stored locally on my system and shared with my various devices (computer, iPhone, tablet) only via wifi. It’s a little less convenient this way, but this hack shows it’s probably worth the slight extra hassle.

Here’s the full statement from Joe Siegrist; if you’re a LastPass user you should definitely follow the advice herein:

We want to notify our community that on Friday, our team discovered and blocked suspicious activity on our network. In our investigation, we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed. The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.

We are confident that our encryption measures are sufficient to protect the vast majority of users. LastPass strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side. This additional strengthening makes it difficult to attack the stolen hashes with any significant speed.

Nonetheless, we are taking additional measures to ensure that your data remains secure, and users will be notified via email. We are requiring that all users who are logging in from a new device or IP address first verify their account by email, unless you have multifactor authentication enabled. As an added precaution, we will also be prompting users to update their master password.

If you have a weak master password or if you have reused your master password on any other website, please update it immediately. Then replace the passwords on those other websites.

Because encrypted user data was not taken, you do not need to change your passwords on sites stored in your LastPass vault. As always, we also recommend enabling multifactor authentication for added protection for your LastPass account.

Security and privacy are our top concerns here at LastPass. Over the years, we have been and continue to be dedicated to transparency and proactive measures to protect our users. In addition to the above steps, we’re working with the authorities and security forensic experts.

We apologize for the extra steps of verifying your account and updating your master password, but ultimately believe this will provide you better protection. Thank you for your understanding and support.

Joe Siegrist
& the LastPass Team

Jump to bottom

151 comments
1 No Country For Old Haters  Jun 15, 2015 1:17:21pm

My LastPass account is protected by a YubiKey. I hope that means I’m OK.

2 Kragar  Jun 15, 2015 1:17:46pm

I always laugh when a website says “We need you to update your private info so we can keep it safe!”

Why do you think I’m not giving you that information?

3 jimmyvluv4u  Jun 15, 2015 1:20:03pm

Isn’t this their second compromise in recent memory? It also ticks me off I’m learning about it from places like LGF and Lifehacker before any communication from LastPass.

Sigh… time to move onto something new. Maybe I’ll give 1Password a try.

4 goddamnedfrank  Jun 15, 2015 1:22:45pm

Who the fuck thought putting password vaults on the cloud was a good idea? That’s insane.

5 blueraven  Jun 15, 2015 1:23:46pm

OMG…Jeb!s speech.

He is just another warmonger.

6 jimmyvluv4u  Jun 15, 2015 1:24:06pm

re: #3 jimmyvluv4u

And… of course their website is too overloaded to change your master password now. Yeah, I’m done with them as soon as I have a few hours to migrate to something new.

7 Kragar  Jun 15, 2015 1:24:53pm

re: #5 blueraven

OMG…Jeb!s speech.

He is just another warmonger.

8 Kragar  Jun 15, 2015 1:25:45pm
9 No Country For Old Haters  Jun 15, 2015 1:25:55pm

re: #4 goddamnedfrank

Who the fuck thought putting password vaults on the cloud was a good idea? That’s insane.

If you don’t, you can only access your passwords at home, or by opening a port to your own password vault. I use mSecure on my phone and home PCs as a non-cloud password manager, but that doesn’t fill in passwords online for me.

10 darthstar  Jun 15, 2015 1:26:22pm

No more years!
No more years!
No more years!
No more years!
No more years!
No more years!

11 Feline Fearless Leader  Jun 15, 2015 1:27:39pm

re: #7 Kragar

Sounds like the clone candidates for President on Futurama. Nixon’s head would clean up in the GOP primary.

12 unproven innocence  Jun 15, 2015 1:31:00pm

Tomorrows weekly episode of Security Now (about 1:30 Pacific Time) should have interesting coverage, as both Leo and Steve are users of LastPass™

13 CuriousLurker  Jun 15, 2015 1:31:36pm

I use KeePass. It’s free, has a small footprint, and allows me to maintain control of my vault. it is indeed less convenient, but I prefer the peace of mind.

Additionally, I’m uber paranoid about keeping stuff separate. Anything related to social media, public blogs/forums, etc. each uses a different email account & password. Personal stuff related to shopping, bills, etc. uses a completely different set, each one equally unique, so even if a service/company I use gets hacked, the bad guys can only access that one account.

PITA? Yep, but it allows me to sleep pretty soundly

14 goddamnedfrank  Jun 15, 2015 1:32:50pm

re: #9 No Country For Old Haters

If you don’t, you can only access your passwords at home, or by opening a port to your own password vault. I use mSecure on my phone and home PCs as a non-cloud password manager, but that doesn’t fill in passwords online for me.

Or you can export the encrypted vault by choice as needed, 1Password will sync it with the Cloud if you want. A program keeping it on its own cloud 24/7 by default is just nuts though, one common point of failure.

15 Feline Fearless Leader  Jun 15, 2015 1:33:36pm

re: #12 unproven innocence

Tomorrows weekly episode of Security Now (about 1:30 Pacific Time) should have interesting coverage, as both Leo and Steve are users of LastPassTM

If the show is hosted by Theo and Cleve tomorrow we’ll know that something is up.

16 CuriousLurker  Jun 15, 2015 1:33:48pm

re: #4 goddamnedfrank

Who the fuck thought putting password vaults on the cloud was a good idea? That’s insane.

This. It’s crazy dangerous out there in the wild.

17 Kragar  Jun 15, 2015 1:34:27pm
18 SteveMcGaziBolaGate  Jun 15, 2015 1:34:55pm

Here are some of my passwords. Go for it

mtrp dial CL 33Fh!

Natalie me 72Re@

Eyes dp MrGib

EDIT: those are actually the service and username and password cues

19 HappyWarrior  Jun 15, 2015 1:35:06pm

re: #17 Kragar

[Embedded content]

Jeb can go fuck himself.

20 Targetpractice  Jun 15, 2015 1:35:55pm

re: #17 Kragar

[Embedded content]

The GOP’s mongering some more war. Must be a day ending in “Y”.

21 jaunte  Jun 15, 2015 1:36:32pm

¡Meh for Je.

22 Iwouldprefernotto  Jun 15, 2015 1:36:38pm

Hey patriot, how about spending more money on veterans?

(no, I’m not one, but I do believe it is a sin to be for more war while we have homeless vets and too many suicides to count).

23 HappyWarrior  Jun 15, 2015 1:37:07pm

re: #22 Iwouldprefernotto

Hey patriot, how about spending more money on veterans?

(no, I’m not one, but I do believe it is a sin to be for more war while we have homeless vets and too many suicides to count).

Absolutely.

24 goddamnedfrank  Jun 15, 2015 1:37:59pm

re: #14 goddamnedfrank

I mean 1Password will sync with the Cloud service of your choice, like iCloud or whatever. They aren’t putting all their customers’ passwords into one piggybank.

25 jaunte  Jun 15, 2015 1:38:02pm
26 Targetpractice  Jun 15, 2015 1:39:10pm

Perhaps Republicans could wait until they’ve paid off the last war before they start another one? Remember “fiscal responsibility”?

27 Kragar  Jun 15, 2015 1:39:19pm
28 darthstar  Jun 15, 2015 1:39:23pm
29 HappyWarrior  Jun 15, 2015 1:39:40pm

re: #25 jaunte

[Embedded content]

Yeah. It won’t be big enough to repudiate his worldview. We won’t see any landslides like we did in the past again.

30 darthstar  Jun 15, 2015 1:40:13pm
31 SteveMcGaziBolaGate  Jun 15, 2015 1:40:31pm

re: #28 darthstar

That is so 6 minutes ago:)

32 HappyWarrior  Jun 15, 2015 1:41:04pm

re: #26 Targetpractice

Perhaps Republicans could wait until they’ve paid off the last war before they start another one? Remember “fiscal responsibility”?

No kidding.

33 SteveMcGaziBolaGate  Jun 15, 2015 1:42:14pm

Maybe we’ll just send the freshly liberated masses a bill for our services.

34 darthstar  Jun 15, 2015 1:42:16pm
35 SteveMcGaziBolaGate  Jun 15, 2015 1:42:57pm

re: #34 darthstar

Hasn’t happened for Rick Frothymix lately.

36 Charles Johnson  Jun 15, 2015 1:43:49pm

re: #4 goddamnedfrank

Who the fuck thought putting password vaults on the cloud was a good idea? That’s insane.

If I have to leave town and need access to my password vault, I simply upload it to Dropbox (with a very strong master password, of course), and set 1Password to sync with Dropbox. Then when I get home, I can switch back to wifi and delete the vault from Dropbox.

Once the passwords are synced, though, it’s usually not vital to have the vault in a cloud like Dropbox, unless you’re planning to sign up for new services or change passwords.

37 Fourth Football of the Apocalypse  Jun 15, 2015 1:44:28pm

re: #34 darthstar

Nope.

/

38 Charles Johnson  Jun 15, 2015 1:45:04pm

Wow, the Sunday Times hit Greenwald and The Intercept with a DMCA take-down notice.

39 Kragar  Jun 15, 2015 1:45:18pm
40 SteveMcGaziBolaGate  Jun 15, 2015 1:45:49pm

re: #36 Charles Johnson

I don’t understand what you’re talking about, which is why I use the password stragedy I made up. I think the cues are vague enough only for me to understand and I don’t have to trust anybody or anything but myself.

41 No Country For Old Haters  Jun 15, 2015 1:45:57pm

re: #36 Charles Johnson

If I have to leave town and need access to my password vault, I simply upload it to Dropbox (with a very strong master password, of course), and set 1Password to sync with Dropbox. Then when I get home, I can switch back to wifi.

Once the passwords are synced, though, it’s usually not vital to have the vault in a cloud like Dropbox, unless you’re planning to sign up for new services or change passwords.

That’s probably equally secure to using LastPass with a good password and/or a YubiKey. If someone can break your protected vault at LastPass, they can also crack an encrypted file on DropBox.

The only way to really be remotely secure is to not place your passwords on a computer. Even a home PC can be transmitting data you think is protected if you have a virus or trojan on your PC.

42 Tigger2  Jun 15, 2015 1:46:20pm

Jeb sounds just like W to me.

43 No Country For Old Haters  Jun 15, 2015 1:47:12pm

re: #42 Tigger2

Jeb sounds just like W to me.

He seems much worse to me. W wasn’t so bad if you compare him to 2015 Conservatives.

44 CuriousLurker  Jun 15, 2015 1:47:36pm

re: #24 goddamnedfrank

I mean 1Password will sync with the Cloud service of your choice, like iCloud or whatever. They aren’t putting all their customers passwords into one piggybank.

I used to use one that filled in forms for you—can’t remember which one it was now—but when they moved to the cloud I stopped using it.

KeePass gives you the option to use a master password, key file, or both. It’s a Windows-only app, so it also let’s you add a third layer that only works with a specific Windows account (I’ve never bothered with that option). If I need to access it while out, I upload the vault to the cloud and then delete it as soon as I no longer need to use it.

CL ⇐ paranoid.

45 Kragar  Jun 15, 2015 1:49:07pm
46 HappyWarrior  Jun 15, 2015 1:49:52pm

re: #43 No Country For Old Haters

He seems much worse to me. W wasn’t so bad if you compare him to 2015 Conservatives.

Have to agree.

47 Feline Fearless Leader  Jun 15, 2015 1:50:43pm

re: #46 HappyWarrior

Have to agree.

I really don’t find that very reassuring. Like finding typhoid more likeable than bubonic plague.

48 HappyWarrior  Jun 15, 2015 1:51:45pm

re: #47 Feline Fearless Leader

I really don’t find that very reassuring. Like finding typhoid more likeable than bubonic plague.

I know, it just shows you that the GOP gets worse not better.

49 CuriousLurker  Jun 15, 2015 1:51:57pm

re: #43 No Country For Old Haters

He seems much worse to me. W wasn’t so bad if you compare him to 2015 Conservatives.

re: #46 HappyWarrior

Have to agree.

Ditto, much as I hate to admit it. The Overton window has moved wayyyy far to the right.

50 goddamnedfrank  Jun 15, 2015 1:52:15pm

re: #38 Charles Johnson

Wow, the Sunday Times hit Greenwald and The Intercept with a DMCA take-down notice.

[Embedded content]

They might have let it go, but you’ve got to protect your image copyrights. Greenwald just lifted the entire front page of the print edition.

51 HappyWarrior  Jun 15, 2015 1:52:35pm

re: #49 CuriousLurker

Ditto, much as I hate to admit it. The Overton window has moved wayyyy far to the right.

And it’s only going to get worse.

52 Feline Fearless Leader  Jun 15, 2015 1:53:16pm

re: #50 goddamnedfrank

They might have let it go, but you’ve got to protect your image copyrights. Greenwald just lifted the entire front page of the print edition.

Laws for ye, but not for libertarian dudebro.

53 Charles Johnson  Jun 15, 2015 1:54:25pm

re: #41 No Country For Old Haters

That’s probably equally secure to using LastPass with a good password and/or a YubiKey. If someone can break your protected vault at LastPass, they can also crack an encrypted file on DropBox.

Yes, but I never keep it on Dropbox permanently. It’s only there if I need it for a short time.

The only way to really be remotely secure is to not place your passwords on a computer. Even a home PC can be transmitting data you think is protected if you have a virus or trojan on your PC.

True, but at least if you use a locally-based password manager you’re not depending on someone else’s security. And the major advantage of a password manager is that all your passwords can be super-strong random strings of numbers, letters and symbols, and you never have to remember or type any of them.

54 b.d.  Jun 15, 2015 1:54:39pm

re: #50 goddamnedfrank

They might have let it go, but you’ve got to protect your image copyrights. Greenwald just lifted the entire front page of the print edition.

It’s also tit-for-tat. Accuse us of shoddy journalism and we’ll do the same to you for using our stuff without permission.

55 blueraven  Jun 15, 2015 1:54:42pm

So some Dreamers interrupted Jeb! and the crowd responds with chants of USA, USA, USA!!!

56 HappyWarrior  Jun 15, 2015 1:55:58pm

re: #55 blueraven

So some Dreamers interrupted Jeb! and the crowd responds with chants of USA, USA, USA!!!

Of course.

57 allegro  Jun 15, 2015 1:57:04pm

re: #55 blueraven

So some Dreamers interrupted Jeb! and the crowd responds with chants of USA, USA, USA!!!

You libtards always shut down dissent! Censorship!

Wait. Wut?

58 CuriousLurker  Jun 15, 2015 1:57:30pm

re: #38 Charles Johnson

Wow, the Sunday Times hit Greenwald and The Intercept with a DMCA take-down notice.

[Embedded content]

Heh, he’ll no doubt be furious: How dare they! They’re just doing it out of spite because we called them out on their lies! *hiss*

59 Tigger2  Jun 15, 2015 1:57:53pm

re: #55 blueraven

So some Dreamers interrupted Jeb! and the crowd responds with chants of USA, USA, USA!!!

With Jeb having a Latino wife I don’t know how half the knuckledraggers can support him the way they feel about Latinos.

60 CuriousLurker  Jun 15, 2015 1:59:04pm

Okay then. Later.

61 HappyWarrior  Jun 15, 2015 1:59:38pm

What’s fucked ip is the dreamers want to be part of the U.S but Jeb and his party oppose allowing them to naturalize.

62 HappyWarrior  Jun 15, 2015 2:00:27pm

re: #59 Tigger2

With Jeb having a Latino wife I don’t know how half the knuckledraggers can support him the way they feel about Latinos.

They’ll use that bit to claim they’re not racist while being hostile to other Latinos.

63 blueraven  Jun 15, 2015 2:01:12pm

re: #59 Tigger2

With Jeb having a Latino wife I don’t know how half the knuckledraggers can support him the way they feel about Latinos.

It is just such a nasty way to say “We are Americans, you are NOT and you are not welcome here”.

64 Kragar  Jun 15, 2015 2:01:30pm
65 Iwouldprefernotto  Jun 15, 2015 2:02:01pm

re: #57 allegro

You libtards always shut down dissent! Censorship!

Wait. Wut?

Speaking of dreamers, I went to the Hillary launch on Saturday. She had a dreamer speak, a university grad from Texas. She gave most of her speech in Spanish. I was a little put off, because to me it sends the wrong message. I don’t care how much of an accent you have, A speech like this should be in English (mostly). I do not want to give my opponents any ammunition. “look they don’t even want to learn our language.” Maybe I’m overreacting, but it’s going to be a long campaign and the dreamers have an extremely strong story to tell.

Thoughts?

66 EPR-radar  Jun 15, 2015 2:02:08pm

re: #25 jaunte

Of course, the (R) nominee will get over 45% of the popular vote in 2016, no matter what.

The GOP could nominate a three-eyed goat whose only ability is projectile puking from both ends at once and not fall below the 45% floor.

67 HappyWarrior  Jun 15, 2015 2:02:22pm

re: #64 Kragar

[Embedded content]

Good points. Did not know that about Bernie’s son btw.

68 Charles Johnson  Jun 15, 2015 2:03:31pm

The latest beta version of the front page redesign is now up: littlegreenfootballs.com

It now has advertisements, LGF Pages lists, and sharing buttons, and all the Javascript features are working.

69 Decatur Deb  Jun 15, 2015 2:03:33pm

You kids and your passwords. The ARPAnet Army pounded rules into us:

1. Don’t have a lot of secrets.
2. Don’t have a lot of passwords.
3. Never write a password down.
4. Change as frequently as your socks.

70 Kragar  Jun 15, 2015 2:05:03pm

re: #69 Decatur Deb

You kids and your passwords. The ARPAnet Army pounded rules into us:

1. Don’t have a lot of secrets.
2. Don’t have a lot of passwords.
3. Never write a password down.
4. Change as frequently as your socks.

Passwords are like underwear.

Change them often and don’t share them with others.

71 jaunte  Jun 15, 2015 2:05:21pm
72 Decatur Deb  Jun 15, 2015 2:05:26pm

re: #68 Charles Johnson

The latest beta version of the front page redesign is now up: littlegreenfootballs.com

It now has advertisements, LGF Pages lists, and sharing buttons, and all the Javascript features are working.

Looking better and better. The great sin of the new Wonkette page is that the articles and advertisements are not instantly separable.

73 blueraven  Jun 15, 2015 2:06:14pm

re: #67 HappyWarrior

Good points. Did know that about Bernie’s son btw.

Meh…I like to leave the kids out of it.
A parent can do the best they can and still, kids can do some very stupid things. Comparing kids just seems off to me.

74 danarchy  Jun 15, 2015 2:07:43pm

re: #69 Decatur Deb

You kids and your passwords. The ARPAnet Army pounded rules into us:

1. Don’t have a lot of secrets.
2. Don’t have a lot of passwords.
3. Never write a password down.
4. Change as frequently as your socks.

All except for number 2 are good advice. You should not use the same password or small number of passwords for everything. What you don’t need is a hacker hacking into your instagram account and by default getting your online banking password. Different passwords for everything, or at least everything important.

75 b_sharp  Jun 15, 2015 2:08:25pm

re: #44 CuriousLurker

I used to use one that filled in forms for you—can’t remember which one it was now—but when they moved to the cloud I stopped using it.

KeePass gives you the option to use a master password, key file, or both. It’s a Windows-only app, so it also let’s you add a third layer that only works with a specific Windows account (I’ve never bothered with that option). If I need to access it while out, I upload the vault to the cloud and then delete it as soon as I no longer need to use it.

CL ⇐ paranoid.

I use Keepass too.

76 HappyWarrior  Jun 15, 2015 2:08:33pm

re: #73 blueraven

Meh…I like to leave the kids out of it.
A parent can do the best they can and still, kids can do some very stupid things. Comparing kids just seems off to me.

Well I think it’s fair game at least with Huckabee who has attacked the parenting of the Obamas and Rand Paul who likes to look down on African Anerican parents. I’m usually reluctant to but if Republicans are going to tout themselves as a family values party, this is fair. Tough but fair.

77 Tigger2  Jun 15, 2015 2:10:11pm

re: #68 Charles Johnson

The latest beta version of the front page redesign is now up: littlegreenfootballs.com

It now has advertisements, LGF Pages lists, and sharing buttons, and all the Javascript features are working.

I like that one.
It’s not to complicated and busy for an old geezer like me.

78 darthstar  Jun 15, 2015 2:11:20pm

re: #36 Charles Johnson

If I have to leave town and need access to my password vault, I simply upload it to Dropbox (with a very strong master password, of course), and set 1Password to sync with Dropbox. Then when I get home, I can switch back to wifi and delete the vault from Dropbox.

Once the passwords are synced, though, it’s usually not vital to have the vault in a cloud like Dropbox, unless you’re planning to sign up for new services or change passwords.

I have an innocently named protected spreadsheet. My passwords listed there are all just hints (First letter of pwd, capitalized or with a punctuation character if I’m using a variant of my standard password).

79 The Vicious Babushka  Jun 15, 2015 2:11:34pm

re: #68 Charles Johnson

The latest beta version of the front page redesign is now up: littlegreenfootballs.com

It now has advertisements, LGF Pages lists, and sharing buttons, and all the Javascript features are working.

I can live with this :)

80 allegro  Jun 15, 2015 2:12:41pm

re: #65 Iwouldprefernotto

Speaking of dreamers, I went to the Hillary launch on Saturday. She had a dreamer speak, a university grad from Texas. She gave most of her speech in Spanish. I was a little put off, because to me it sends the wrong message. I don’t care how much of an accent you have, A speech like this should be in English (mostly). I do not want to give my opponents any ammunition. “look they don’t even want to learn our language.” Maybe I’m overreacting, but it’s going to be a long campaign and the dreamers have an extremely strong story to tell.

Thoughts?

I think one should give a speech in the language of the audience so they can understand what’s being said. Otherwise what’s the point of giving the speech? Was it a primarily English speaking audience? Was there a translator?

As to your point re: optics… I can argue the validity of it yet I think probably anyone who has a problem with it isn’t gonna vote Dem no matter what so fuck ‘em.

81 darthstar  Jun 15, 2015 2:12:46pm

Working for Jeb! blows.

82 EPR-radar  Jun 15, 2015 2:12:54pm

re: #73 blueraven

Meh…I like to leave the kids out of it.
A parent can do the best they can and still, kids can do some very stupid things. Comparing kids just seems off to me.

In the abstract, I agree with this. However, Republicans are so tedious with their holier-than-thou crap that casting a very wide net in looking for their hypocrisy seems reasonable to me.

It’s similar to chicken-hawking. I certainly don’t think that serving in the armed forces should be a prerequisite for opining on US war and peace issues. However, war mongers who assiduously avoid any service on their own part really do deserve to be mocked as chicken hawks.

83 HappyWarrior  Jun 15, 2015 2:13:10pm

It’s not just that they tout themselves as having family values, it’s that they especially Huckabee shit on liberal and gay parents too.

84 Decatur Deb  Jun 15, 2015 2:14:04pm

re: #74 danarchy

All except for number 2 are good advice. You should not use the same password or small number of passwords for everything. What you don’t need is a hacker hacking into your instagram account and by default getting your online banking password. Different passwords for everything, or at least everything important.

Yeah, sometimes they’re forced on you, and I never use the same password or even user name. I’ve got a very long alphanumeric memorized which generates new passwords (in my head) transforming patterned calendrics and the situation. Minimizing the Internet profile is one reason to stay off FB and Twitter.

85 EPR-radar  Jun 15, 2015 2:15:02pm

re: #81 darthstar

Hopefully nobody shows that picture to Bryan Fischer. He’ll get ideas, and have to perform penance by vomiting up worse hate than usual.

86 goddamnedfrank  Jun 15, 2015 2:15:16pm

re: #74 danarchy

All except for number 2 are good advice. You should not use the same password or small number of passwords for everything. What you don’t need is a hacker hacking into your instagram account and by default getting your online banking password. Different passwords for everything, or at least everything important.

1Password works so well because it’s the best of both worlds. It generates very long passwords for very website and service, consisting effectively of totally random noise. It encrypts and stores all those passwords behind a pass phrase that you choose. Best practice for the passphrase is to choose a super long string of random words that are easy for you to remember but together effectively become unguessable nonsense for anybody else.

87 Targetpractice  Jun 15, 2015 2:15:17pm

re: #68 Charles Johnson

The latest beta version of the front page redesign is now up: littlegreenfootballs.com

It now has advertisements, LGF Pages lists, and sharing buttons, and all the Javascript features are working.

Lookin’ good.

88 HappyWarrior  Jun 15, 2015 2:15:19pm

re: #82 EPR-radar

In the abstract, I agree with this. However, Republicans are so tedious with their holier-than-thou crap that casting a very wide net in looking for their hypocrisy seems reasonable to me.

It’s similar to chicken-hawking. I certainly don’t think that serving in the armed forces should be a prerequisite for opining on US war and peace issues. However, war mongers who assiduously avoid any service on their own part really do deserve to be mocked as chicken hawks.

Right, my thoughts exactly.

89 wrenchwench  Jun 15, 2015 2:15:47pm

re: #84 Decatur Deb

Yeah, sometimes they’re forced on you, and I never use the same password or even user name. I’ve got a very long alphanumeric memorized which generates new passwords (in my head) transforming patterned calendrics and the situation. Minimizing the Internet profile is one reason to stay off FB and Twitter.

Sometimes you even pass as female.

90 klys (maker of Silmarils)  Jun 15, 2015 2:15:50pm

re: #68 Charles Johnson

The latest beta version of the front page redesign is now up: littlegreenfootballs.com

It now has advertisements, LGF Pages lists, and sharing buttons, and all the Javascript features are working.

It’s a lot easier to tell what the chronological order is, so I appreciate that.

I’m guessing most other Lizards don’t get the ads from embroidery floss, but they added a nice touch.

91 Cheechako  Jun 15, 2015 2:16:06pm

re: #81 darthstar

Working for Jeb! blows.

[Embedded content]

Looks like Republican “Big Dick” condoms.

92 Tigger2  Jun 15, 2015 2:17:16pm

re: #77 Tigger2

I like that one.
It’s not to complicated and busy for an old geezer like me.

Charles could you delete this comment, I when to edit the one above and must have hit the wrong button and it posted again. Thanks.

93 CuriousLurker  Jun 15, 2015 2:17:51pm

re: #71 jaunte

[Embedded content]

If it had it, it’s been deleted since it got tweeted. Coders & programmers will often put weird/funny stuff in their code to amuse themselves (and other coders/programmers). I do it all the time in my code comments.

94 Iwouldprefernotto  Jun 15, 2015 2:18:30pm

re: #80 allegro

I think one should give a speech in the language of the audience so they can understand what’s being said. Otherwise what’s the point of giving the speech? Was it a primarily English speaking audience? Was there a translator?

As to your point re: optics… I can argue the validity of it yet I think probably anyone who has a problem with it isn’t gonna vote Dem no matter what so fuck ‘em.

It’s New York, plenty of Spanish speakers, but mostly native English speakers.

95 Drive By Commenter  Jun 15, 2015 2:18:33pm

I see my elderly Tea Bag neighbor has his “Carson For President” car magnet back up on his ride. He had it off for a while and I mistakenly thought maybe some sense had appeared. Nah.

96 Decatur Deb  Jun 15, 2015 2:19:55pm

re: #89 wrenchwench

Sometimes you even pass as female.

Only when I apply to be president of feminist civil rights groups.

97 Targetpractice  Jun 15, 2015 2:20:12pm

re: #64 Kragar

[Embedded content]

Don’t expect any of that to ever be brought up in the discussion, because “serious” people get antsy if you mention a candidate’s family, let alone point out that they don’t practice at home what they preach out on the campaign trail.

98 HappyWarrior  Jun 15, 2015 2:20:38pm

re: #95 Drive By Commenter

I see my elderly Tea Bag neighbor has his “Carson For President” car magnet back up on his ride. He had it off for a while and I mistakenly thought maybe some sense had appeared. Nah.

Love how Obama was unqualified but somehow Carson is. This is his first time running for any office I think.

99 wrenchwench  Jun 15, 2015 2:20:48pm

re: #96 Decatur Deb

Only when I apply to be president of feminist civil rights groups.

You’ll have my vote!

100 HappyWarrior  Jun 15, 2015 2:22:54pm

re: #97 Targetpractice

Don’t expect any of that to ever be brought up in the discussion, because “serious” people get antsy if you mention a candidate’s family, let alone point out that they don’t practice at home what they preach out on the campaign trail.

I’m usually reluctant myself but Huckabee asks for it when he criticizes how Sasha and Malia’s parents did raising them. These guys love to shit on other parents then their own parenting should be questioned if their child has multiple arrests or one for some thing like David Huckabee.

101 danarchy  Jun 15, 2015 2:22:56pm

re: #86 goddamnedfrank

1Password works so well because it’s the best of both worlds. It generates very long passwords for very website and service, consisting effectively of totally random noise. It encrypts and stores all those passwords behind a pass phrase that you choose. Best practice for the passphrase is to choose a super long string of random words that are easy for you to remember but together effectively become unguessable nonsense for anybody else.

Yeah, I do IT support for scores of companies and have to maintain passwords for all of them. I actually use Corporate Vault. That way I can maintain it on my own equipment but I can get access to it from any client site I happen to be at.

sourceforge.net

102 EPR-radar  Jun 15, 2015 2:24:02pm

re: #97 Targetpractice

Don’t expect any of that to ever be brought up in the discussion, because “serious” people get antsy if you mention a candidate’s family, let alone point out that they don’t practice at home what they preach out on the campaign trail.

It sure is convenient for the GOP that most manifestations of their insanity are too “unserious” to be covered by the MSM. For example, Palin’s crank religious beliefs didn’t see much exposure at all in 2008 (certainly much less than the Rev. Wright business).

Or when was the last time the MSM took a hard look at what creationism really is in US politics, and how it is getting entrenched in the GOP party platform?

103 Iwouldprefernotto  Jun 15, 2015 2:25:46pm

Jeb is running on his record
Carly is running on her record
Ben CArson is running

It’s going to be a long campaign

104 darthstar  Jun 15, 2015 2:26:09pm
105 HappyWarrior  Jun 15, 2015 2:27:10pm

re: #104 darthstar

[Embedded content]

Real original Jeb, the teacher Union boogeyman.

106 Targetpractice  Jun 15, 2015 2:27:30pm

re: #103 Iwouldprefernotto

Jeb is running on his record
Carly is running on her record
Ben CArson is running

It’s going to be a long campaign

I don’t have nearly enough popcorn…

107 darthstar  Jun 15, 2015 2:27:50pm

re: #105 HappyWarrior

Real original Jeb, the teacher Union boogeyman.

I think he was talking about the Teamsters.

108 HappyWarrior  Jun 15, 2015 2:28:48pm

re: #107 darthstar

I think he was talking about the Teamsters.

Only teamsters I knew taught me how to hide bodies.//

109 wrenchwench  Jun 15, 2015 2:29:18pm

re: #107 darthstar

I think he was talking about the Teamsters.

I’d rather take orders from any Teamster than from mom.

110 Targetpractice  Jun 15, 2015 2:29:50pm

re: #104 darthstar

[Embedded content]

“UNIONS! BOOGA BOOGA!!!”

Congrats, Jeb, on giving a cookie cutter Republican speech.

111 HappyWarrior  Jun 15, 2015 2:32:56pm

Color me unimpressed with Jeb so far.it really is showing that he hasn’t run for office in over a decade.

112 Iwouldprefernotto  Jun 15, 2015 2:33:33pm

re: #111 HappyWarrior

Color me unimpressed with Jeb so far.it really is showing that he hasn’t run for office in over a decade.

And Hillary is ready to go.

113 HappyWarrior  Jun 15, 2015 2:34:38pm

re: #112 Iwouldprefernotto

And Hillary is ready to go.

Yeah Hillary to her credit seems to have learned from the mistakes she made in 2008. She seems fresh and actually running as being for something rather than Jeb and the other Republicans which are your usual can of Republican negativity bullshit.

114 #FergusonFireside  Jun 15, 2015 2:35:25pm

re: #90 klys (maker of Silmarils)

It’s a lot easier to tell what the chronological order is, so I appreciate that.

I’m guessing most other Lizards don’t get the ads from embroidery floss, but they added a nice touch.

Embedded Image

I’m getting CL’s electric fly swatter.

She always persists. (thank goodness those scary mannequins are finally kaput)

115 darthstar  Jun 15, 2015 2:36:03pm
116 HappyWarrior  Jun 15, 2015 2:36:59pm

re: #115 darthstar

[Embedded content]

That awkward feeling when your nickname is an acronym.

117 Targetpractice  Jun 15, 2015 2:37:51pm

re: #115 darthstar

[Embedded content]

Yeah, I think Willard Romney would have had a harder time being taken seriously.

118 Decatur Deb  Jun 15, 2015 2:38:31pm

re: #108 HappyWarrior

Only teamsters I knew taught me how to hide bodies.//

Wife was a Teamster—they organized Doubleday Books at Rockefeller Center. Teamsters also broke our IUE line at Louisville Appliance Park, so fuck them in full solidarity.

119 Justanotherhuman  Jun 15, 2015 2:39:27pm

re: #81 darthstar

Working for Jeb! blows.

[Embedded content]

Blowing up those penises, I see.

120 goddamnedfrank  Jun 15, 2015 2:39:54pm

re: #116 HappyWarrior

7 Ways We Can Prove That Jeb And Gob Are Actually the Same Person

121 Archangelus  Jun 15, 2015 2:40:06pm

re: #106 Targetpractice

I don’t have nearly enough popcorn…

It’s ok, i made arrangements when the last clown Rep candidate stepped out of the car announced for 2016:

122 HappyWarrior  Jun 15, 2015 2:40:59pm

re: #120 goddamnedfrank

7 Ways We Can Prove That Jeb And Gob Are Actually the Same Person

Brilliant.

123 Kragar  Jun 15, 2015 2:44:04pm

re: #116 HappyWarrior

That awkward feeling when your nickname is an acronym.

124 Archangelus  Jun 15, 2015 2:45:19pm

re: #121 Archangelus

Gah, really should photoshop that someday to have it state “I’m” and not ‘Im’… bothers me every time… /GrammarCenturion

125 Justanotherhuman  Jun 15, 2015 2:48:32pm

Alaska…

Alaska Red Flag Fire Advisories Cover 2/3 of State

nbcnews.com

126 Kragar  Jun 15, 2015 2:48:43pm
127 Cheechako  Jun 15, 2015 2:55:56pm

re: #125 Justanotherhuman

Just hit 85 at my house in SE Alaska.

128 Brother Holy Cruise Missile of Mild Acceptance  Jun 15, 2015 2:57:46pm

On Cue:

Who could blame him MRAs speak out in support of Open Carry murderer

And you know, if the ginger avenger was still on twitter he’d be all over the place defending this guy.

129 Justanotherhuman  Jun 15, 2015 2:58:50pm

Good grief.

130 Ace-o-aces  Jun 15, 2015 2:59:50pm

re: #128 Brother Holy Cruise Missile of Mild Acceptance

On Cue:

Who could blame him MRAs speak out in support of Open Carry murderer

And you know, if the ginger avenger was still on twitter he’d be all over the place defending this guy.

Link not working

131 Brother Holy Cruise Missile of Mild Acceptance  Jun 15, 2015 3:00:51pm

re: #130 Ace-o-aces

Fixed there and here.

132 Charles Johnson  Jun 15, 2015 3:02:06pm

Looks like Glenn Greenwald has successfully bullied a whole bunch of journalists again, into denouncing the Sunday Times report because it was based on anonymous sources in the UK government — a technique almost all journalists use on a regular basis.

I really don’t understand why so many journos are so easily cowed by Greenwald into doing his bidding, time after time.

133 Justanotherhuman  Jun 15, 2015 3:02:32pm
134 TedStriker  Jun 15, 2015 3:03:06pm

re: #129 Justanotherhuman

Good grief.

135 Kragar  Jun 15, 2015 3:03:58pm

re: #132 Charles Johnson

He also used the whole “Well, they didn’t get the docs from Snowden” line which:

1) Can’t be confirmed because we only have his word on it and

2) Doesn’t mean the files couldn’t have been accessed thru one of the cached copies Snowden and Greenwald claim they put out there.

136 Targetpractice  Jun 15, 2015 3:04:37pm

re: #132 Charles Johnson

Looks like Glenn Greenwald has successfully bullied a whole bunch of journalists again, into denouncing the Sunday Times report because it was based on anonymous sources in the UK government — a technique almost all journalists use on a regular basis.

I really don’t understand why so many journos are so easily cowed by Greenwald into doing his bidding, time after time.

Yeah, because Glenn has never relied upon anonymous sources, right?

137 Justanotherhuman  Jun 15, 2015 3:04:39pm
138 CuriousLurker  Jun 15, 2015 3:08:14pm

re: #132 Charles Johnson

The Sunday Times article is for the “willfully gullible”, according to some.

139 blueraven  Jun 15, 2015 3:08:26pm

re: #132 Charles Johnson

Looks like Glenn Greenwald has successfully bullied a whole bunch of journalists again, into denouncing the Sunday Times report because it was based on anonymous sources in the UK government — a technique almost all journalists use on a regular basis.

I really don’t understand why so many journos are so easily cowed by Greenwald into doing his bidding, time after time.

Wait, didnt he defend Sy Hersh’s vat of crazy using anonymous sourcing?

140 Justanotherhuman  Jun 15, 2015 3:09:07pm

re: #132 Charles Johnson

Will the Foreign Secretary do?

“British Foreign Secretary Philip Hammond said Snowden has badly damaged the West’s ability to protect its citizens. “As to the specific allegations this morning, we never comment on operational intelligence matters, so I’m not going to talk about what we have or haven’t done in order to mitigate the effect of the Snowden revelations, but nobody should be in any doubt that Edward Snowden has caused immense damage,” he told Sky News.”

washingtonpost.com

141 Whack-A-Mole  Jun 15, 2015 3:10:40pm

re: #68 Charles Johnson

I really like that layout. Fresh looking but still bears enough similarity to the original layout to be instantly recognizable as LGF.

142 Justanotherhuman  Jun 15, 2015 3:11:21pm

Yeah, MI6 is going to invite Greenwald into their inner circle to discuss the matter.

I’ll let him know. ; )

143 Rev_Arthur_Icantbreatheing  Jun 15, 2015 3:11:52pm

re: #44 CuriousLurker

I used to use one that filled in forms for you—can’t remember which one it was now—but when they moved to the cloud I stopped using it.

KeePass gives you the option to use a master password, key file, or both. It’s a Windows-only app, so it also let’s you add a third layer that only works with a specific Windows account (I’ve never bothered with that option). If I need to access it while out, I upload the vault to the cloud and then delete it as soon as I no longer need to use it.

CL ⇐ paranoid.

It doesn’t just run on Windows. I used to use it, but found the interface too clunky on the Mac.

144 Justanotherhuman  Jun 15, 2015 3:13:07pm
145 Kragar  Jun 15, 2015 3:15:35pm
146 CuriousLurker  Jun 15, 2015 3:19:01pm

re: #143 Rev_Arthur_Icantbreatheing

It doesn’t just run on Windows. I used to use it, but found the interface too clunky on the Mac.

Didn’t know that. It used to be Windows-only, or at least that’s what I thought (I could’ve been wrong). I no longer have my MacBook Pro, so I wouldn’t have looked for it lately. It works well on iOS though.

147 TedStriker  Jun 15, 2015 3:19:56pm

re: #3 jimmyvluv4u

Isn’t this their second compromise in recent memory? It also ticks me off I’m learning about it from places like LGF and Lifehacker before any communication from LastPass.

Sigh… time to move onto something new. Maybe I’ll give 1Password a try.

re: #13 CuriousLurker

I use KeePass. It’s free, has a small footprint, and allows me to maintain control of my vault. it is indeed less convenient, but I prefer the peace of mind.

Additionally, I’m uber paranoid about keeping stuff separate. Anything related to social media, public blogs/forums, etc. each uses a different email account & password. Personal stuff related to shopping, bills, etc. uses a completely different set, each one equally unique, so even if a service/company I use gets hacked, the bad guys can only access that one account.

PITA? Yep, but it allows me to sleep pretty soundly

I used to use KeePass a long time ago; the main reason I went to Lastpass was that the lion’s share of KeePass development was Windows-only and the Android port was piss-poor. So, I went to Lastpass; for my master password, I follow the same 45-day mandatory password change window that I’ve had to do at work for years and make it long enough that I’d take a good long while to crack, but short enough to learn and remember easily.

In short, while changing my master password out-of-cycle is a minor PITA, I trust Lastpass, because they’ve been forthright about this and other security issues in the past; the value/utility vs. security equation, for me at least, weighs heavily towards staying with Keepass. The Windows and Android apps are well-built and quite functional; I can literally update a password in my Lastpass vault on my PC and see the change in the Android app almost immediately and you can also do a security audit on the strength of all your passwords in the vault.

148 The Vicious Babushka  Jun 15, 2015 3:33:03pm

re: #132 Charles Johnson

Looks like Glenn Greenwald has successfully bullied a whole bunch of journalists again, into denouncing the Sunday Times report because it was based on anonymous sources in the UK government — a technique almost all journalists use on a regular basis.

I really don’t understand why so many journos are so easily cowed by Greenwald into doing his bidding, time after time.

He has all the naked pictures of them.

149 BlueSpotinAL  Jun 15, 2015 3:45:24pm

re: #35 SteveMcGaziBolaGate

Hasn’t happened for Rick Frothymix lately.

What is the sound of one fan clapping?

150 BlueSpotinAL  Jun 15, 2015 3:53:15pm

re: #95 Drive By Commenter

I see my elderly Tea Bag neighbor has his “Carson For President” car magnet back up on his ride. He had it off for a while and I mistakenly thought maybe some sense had appeared. Nah.

It proves he is not the racist. He just doesn’t like thugs. //

151 lawhawk  Jun 16, 2015 5:44:42am

re: #24 goddamnedfrank

I mean 1Password will sync with the Cloud service of your choice, like iCloud or whatever. They aren’t putting all their customers’ passwords into one piggybank.

And they can even sync up with your own personal cloud storage (like a NAS or WD myCloud drive).


This article has been archived.
Comments are closed.

Jump to top

Create a PageThis is the LGF Pages posting bookmarklet. To use it, drag this button to your browser's bookmark bar, and title it 'LGF Pages' (or whatever you like). Then browse to a site you want to post, select some text on the page to use for a quote, click the bookmarklet, and the Pages posting window will appear with the title, text, and any embedded video or audio files already filled in, ready to go.
Or... you can just click this button to open the Pages posting window right away.
Last updated: 2023-04-04 11:11 am PDT LGF User's Guide RSS Feeds

Help support Little Green Footballs!

Subscribe now for ad-free access!Register and sign in to a free LGF account before subscribing, and your ad-free access will be automatically enabled.

Donate with
PayPal Cash.app
Recent PagesClick to refresh
Texas County at Center of Border Fight Is Overwhelmed by Migrant Deaths EAGLE PASS, Tex. - The undertaker lighted a cigarette and held it between his latex-gloved fingers as he stood over the bloated body bag lying in the bed of his battered pickup truck. The woman had been fished out ...
Cheechako
Yesterday
Views: 107 • Comments: 0 • Rating: 0