So your password manager was breached: What do you do now?

Amanda Young Blog

Almost everyone should now know the importance of secure passwords, and many people and businesses use password managers to help with this and to keep track of the abundance of passwords we all use in our day-to-day lives. But what do you do if your password manager was breached?

In December 2022, LastPass reported several breaches of their company, which caused some (somewhat warranted) panic among those of us who may use their service. We have compiled some steps you can take to help mitigate your risks in this instance, or if something similar happens to the password manager you use in the future.

One question you might be asking yourself is, “Are all my passwords out there on the dark web for anyone to buy?” The answer is generally no, but you should still jump into action when you hear about a breach. Many quality password managers have features that make it very difficult (although not impossible) for hackers to discover your passwords.

What should you do now?

To ensure that your password vault is secured, you should change the master password that you use to access your vault. Another way to be proactive is to change your passwords on some of your more important accounts, like your financial accounts. When creating your new password, keep these points in mind:

  1. Make it at least 14 characters long (making it longer will make it harder to guess);
  2. Use a mix of letters (lower case and upper case), numbers and special characters (&*-#$!, etc.);
  3. Make it easy for you to remember (you want a long password so it’s difficult to guess, but you still need to be able to remember it easily);
  4. One way to create an easy-to-remember secure password: instead of HappyDay, use ****1111HappyDay1111****;
  5. Don’t forget to set up Multi-factor Authentication (MFA) in order to add another level of security to your password.

If you use a password manager for your business, you should follow your incident response protocols and contact your security team or MSP to help you secure your systems. You will also want to communicate this to all of your employees so that they are aware, in case they use the same manager for personal use, and so that they can follow the appropriate procedures.

Contact Tobin Solutions for more information on what you can do to secure your systems.

Photo by Jack Moreh from Freerange Stock