1Password: LastPass passwords are not secure, we crack them for $100

 

1Password: LastPass passwords are not secure, we crack them for $100

The LastPass security breach controversy is ongoing. After an independent security analyst said that he found the statements made by LastPass unrealistic and that they were clearly lies, there was a harsh response from rival password management company 1Password. 

It's very easy to crack LastPass passwords!

LastPass claims that it will take millions of years to crack users' master passwords, but 1Password says this is not true for most users. He says it would only cost $100 to crack a typical LastPass user's master password.

Machine-generated passwords are more secure

Jeffrey Goldberg, the main security architect at 1Password, thinks it's safer to use machine-generated passwords. Goldberg said, "If you consider all the possible passwords of 12 characters, there are about 272 possibilities. It takes millions of years to try them all, it really takes a very long time. However, those who crack passwords created by humans do not do it this way; they first set up their systems to try the most likely passwords. Most of the user-generated passwords can be cracked with less than 10 billion guesses in a process that costs about $100.” he says.

1Password claims to be more secure

1Password uses an October layer of protection called Secret Key. The secret key is generated on the user's device, it does not go to 1Password, and the user data needs to be decrypted. Even if the master password is compromised, it's useless without the secret key.