Top password manager LastPass has said it will soon start encrypting URLs stored in the vaults to act as an additional layer of protection against hacker incursions.
Every LastPass user creates a “vault”, which is essentially a database of passwords and other sensitive information. This vault remains password-protected, but it also keeps track of all the websites the user opens, and cross-references them with the ones it has stored.
If it finds a match, it will try to automatically add the username and password information to the corresponding fields, for a more seamless experience.
Microsoft's safeguards
In the early days of LastPass (since 2008, essentially), this URL information could not be encrypted because it taxed the CPU too much, slowing the browser down, and wasting too much battery. So, the developers decided to leave the URLs unencrypted.
Today, with CPUs being a lot more efficient and not as power-hungry, the developers decided it was a good time to re-introduce the feature. We’re not sure if this has anything to do with the fact that most OEMs just introduced new ARM-based Windows PCs. ARM, according to early benchmarks, seems to be significantly more powerful, and power-efficient, compared to x86 architecture. Apple already made the jump a few generations back with its M series of silicon.
Encrypting URLs in people’s vaults is not an easy task, and it will have to be rolled out slowly. So far, the process is progressing as planned, the company allegedly said.
The process will come in two phases, with the first phase kicking off in June, and the second one sometime in the second half of the year.
Users are not expected to have to take any action, but in case anything changes, LastPass will send out appropriate notifications, it confirmed.
Via BleepingComputer
More from TechRadar Pro
- Microsoft announces new Surface lineup with Qualcomm Snapdragon X chips
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now