LastPass reveals cause of major password manager outage
The company seems to have DoS'ed itself
Popular password manager LastPass has revealed what it believes caused a 12-hour outage which frustrated many users and even prompted some to consider switching to other providers.
Simply put, it seems that a recent update for the LastPass Chrome extension triggered a denial of service on the company servers.
“LastPass customers may be experiencing login issues and product latency due to an update to our Chrome browser extension earlier today which inadvertently caused load issues on our backend infrastructure,” the announcement read. “The LastPass engineering team is actively working diligently to resolve these issues as quickly as possible. Customers can visit the LastPass Status Page for updates and details on product components that are experiencing login and latency issues.”
404 Not Found
As reported by BleepingComputer, users who tried to access their password vaults, or log into their accounts last week were met with the “404 Not Found” message, which usually indicates that the website does not exist.
While LastPass said its services were reestablished, some people were still reporting downtime: "Won't work in Chrome since the last update. I can access my vault, but cannot launch any of the sites I have in it. Clicking the "Launch" button does nothing!!," a fresh review on the Chrome web store reads.
Others on the store were also complaining about the drop in quality after performing well for “ages”.
At press time, the LastPass Status Page was showing all systems stable. The latest update was posted on Friday evening, stating “LastPass performance continues to be stable and fully operational. We will continue to actively monitor the service throughout the weekend before setting this incident to 'resolved' status.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In recent times, cybersecurity researchers have been urging users to create strong passwords and store them in password managers. This resulted in many users not even knowing many of their passwords, but just relying on the managers for safekeeping. With the LastPass outage, many people were unable to log into many of their favorite apps and services.
More from TechRadar Pro
- LastPass officially splits from former parent GoTo
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.