• filter:

Do you use OneLogin service? Change all your passwords NOW

  • Page :
  • 1
  • Text Only
  • Search this Topic »

Hackers breached OneLogin and it appears they got a hold of an admin level password as it decrypts customer passwords
Oh wow

Remember when LastPass had been breached and customer info (not passwords were leaked?)
This is much worse.


Member Summary
Staff Summary
Thanks for visiting FatWallet.com. Join for free to remove this ad.

I've been trying out CommonKey. It seems like their security/encryption scheme is more robust, although it makes sharing passwords a bit more complicated. Plus the password reset for CommonKey accounts will wipe out all stored passwords, so your passwords are likely encrypted with your account password, meaning CommonKey can't see them, but they're unrecoverable if you forget your password.

Honestly, OneLogin would be hard pressed to have done anything any worse than they did. A security company failing in the way they did is so far beyond acceptable that I don't see why anyone would ever trust them again EVER. To have stored their data the way they did shows either complete incompetence or outright negligence. If you aren't tied in to them in an Enterprise capacity for some reason, I'd recommend dumping them as soon as possible and find a different solution.

  • Quick Reply:  Have something quick to contribute? Just reply below and you're done! hide Quick Reply
    Click here for full-featured reply.

Disclaimer: By providing links to other sites, FatWallet.com does not guarantee, approve or endorse the information or products available at these sites, nor does a link indicate any association with or endorsement by the linked site to FatWallet.com.

Thanks for visiting FatWallet.com. Join for free to remove this ad.

While FatWallet makes every effort to post correct information, offers are subject to change without notice.
Some exclusions may apply based upon merchant policies.
© 1999-2017