Recently, a researcher claimed that LastPass, a popular password vault, was vulnerable to a zero day flaw that could potentially affect millions of people. Commenting, Lee Munson, security researcher for Comparitech.com, said:
"The vulnerabilities reportedly discovered in LastPass highlight how any coded piece of software can pose security risks if it hasn’t been extensively reviewed and tested.
"The fact that Tavis Ormandy claimed a “quick look” at one of the leading password managers on the market revealed “obvious” security problems is, of course, cause for concern but it shouldn’t put you off using such an application.
"As I’ve argued before, using a password manager to securely – for the most part – store all your complex login credentials is a far, far better option than reusing the same password across all the sites you visit and every account you create online.
"And LastPass itself has a great reputation for doing ‘the right thing,’ having proven itself to be open and honest about security incidents – which affect all companies - in the past.
"Whether that reputation is an indication of how it will continue into a future that now sees it under the stewardship of the far more corporate LogMeIn, which itself is about to merge with Citrix, is of course up for debate."