Your IT Consultant

No Backdoor in LastPass Password Manager

April 16, 2019

Yet again, law enforcement asked the technology community to break the encryption protecting user’s data. As reported by Softpedia, the Drug Enforcement Administration (DEA) reached out to LastPass to gain access to Stephan Caamano’s password vault. Apparently, he is under investigation for trafficking a counterfeit drug and money laundering. When the DEA asked LastPass to crack into Caamano’s data the response was a big fat “nope, we can’t do it.” LastPass explained that password managers like LastPass do not store encryption keys on company’s servers, as all the data is decrypted on the user’s device. To state it another way, the data can only be accessed from the device where the password manager is installed and only when the master password is provided.

Good news indeed. Yet again, another reason to be using a password manager. I suppose the government will keep asking for backdoors to be built into technology even though it’s probably the second dumbest request the government could make. Your choice as to what the dumbest request would be.

Email:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com