LastPass Hacked! Change Master Password Now!

sch911 wrote:
Always thought passwords should be stored in one's brain, which short of torture or waterboarding is pretty secure. Why do people use these things? Laziness?

When I worked in Defense the rules were every account one had on classified computers had to have a different password which needed to be changed every 90 days and couldn't be reused. The company extended this rule to all computers, even the unclassified ones. It's virtually impossible to keep up with all the passwords especially when one has accounts on a dozen or more systems. And to make matters even worse, if you wrote the password down or stored it in a file or password keeper app and that password was for a classified account, the record of the password was itself classified and had to be treated as such.

The hilarious part of this was the Corporate Security Officer had to have access to every classified computer's BIOS and Administrator accounts. Realizing she couldn't remember the thousands of passwords required and couldn't meet the requirement of changing them every 90 days she created an except to the rule for herself. All her passwords on all computers were set the same and never changed!