Password management software company LastPass is asking its customers to change their master passwords due to a possible security breach detected by the company. The LastPass service helps users to store multiple passwords for ease of access and to guard against the possibility of inadvertently losing them. The individual passwords are protected with a strong "master" password, the encrypted version of which the company feared could have been stolen in the wake of a "network traffic anomaly" earlier in the week.

The initial precautionary strategy entails enforcing a password change on all its users, which resulted in the slowing down of the network--which resulted in some users being locked out of their accounts. Others were caught in a Catch-22 situation as they could not log into their email as part of the procedure necessary to change their master password. LastPass has since switched tactics to allow users to log into the software using "offline" mode.

In an exclusive interview with PCWorld, LastPass chief executive Joe Siegrist, sought to defend the usefulness of his company's service with the observation that "I'd say that anytime you're storing data centrally, you're risking something." When users handle things the right way, with the use of a strong master password however, Siegrist noted users really do protect themselves.

For more on this story:
- check out this article at IT Pro
- check out this article at InformationWeek
- check out this article at IB Times

Related Articles:
Researchers tap into CAPTCHA to overcome problem of weak passwords 
Google unveils two-factor authentication for users 
Gawker hack the result of poor security preparation 
User names and passwords of 1.3 million stolen in weekend Gawker Media hack