What you need to know
- LastPass inadvertently unlisted its browser extension for Chrome yesterday.
- The extension is in the process of being reviewed and listed back on the Chrome Web Store.
- In the meantime, users can still access their login credentials via LastPass's website or its mobile apps.
LastPass seemingly shot itself in the foot yesterday and accidentally unlisted its browser extension from the Chrome Web Store. This quickly led to confusion and chaos among users, who started complaining about 404 errors when trying to download the extension to their machines.
About five hours after the password management service confirmed the issue, it was finally able to identify the problem (opens in new tab): someone had apparently de-listed the extension from Google's store for Chrome extensions.
Notably, the issue only affects users who are trying to download the extension from scratch. Those who already have it installed should be unaffected, as LastPass' servers themselves are continuing to function, as are the password manager's website and mobile apps. The company also clarified that users' data was not at risk:
Hi Fabio, correct. Please note that all encryption and decryption occurs locally on your device, not on our servers. We don't have access to your sensitive data. https://t.co/oPTRc16BBM ^GDHi Fabio, correct. Please note that all encryption and decryption occurs locally on your device, not on our servers. We don't have access to your sensitive data. https://t.co/oPTRc16BBM ^GD— LastPass Support (@LastPassHelp) January 23, 2020January 23, 2020
Just 3 hours ago, the company posted another update clarifying that it had re-submitted the extension to the Chrome Web Store and was now waiting for Google's review process to complete before it could be published again.
In the meantime, LastPass suggests using the website or the mobile apps to gain access to your saved passwords and credentials. It may not be as convenient as having the extension autofill them for you, and you will need to copy/paste or type them out manually, but at least your data is secure.
This doesn't surprise me. I figured they'd go downhill, at least for me, after they got bought out. I quit LastPass several months ago when they changed their interface from a simple point and click to scroll, scroll, scroll, click, click, click...oh, it doesn't always auto fill anymore but hey, we're so much better now! I didn't surprise me. Just took a little longer than I thought and that's too expensive to futz with. I went with BitWarden and so far, have been much happier.
I use LastPass for few years now. Haven't noticed any changes. Not sure why your experience is so different. Small UI changes yes but passwords and autofill seem to be the same...
Bitwarden open source and is very good
Is this the kind of people we want to trust with our passwords?
Why not, they did not expose your data, there was no breach. Some incompetent moron delisted the app from the Chrome store. Means nothing.You could still access your data via website or from mobile. All is now restored, no data leaked, so not getting what is your problem here...
Get the best of Android Central in in your inbox, every day!
Thank you for signing up to Android Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.