Lastpass Customer? This is what you need to do

If you’re a Lastpass customer you may already be aware that they were breached late last year and their customers password vaults were stolen. If you aren’t familiar there are some great articles out there that explain what happened. Just Google “Latest Lasspass breach”. Sorry, there are too many good articles to list here.

A few people have reached out to me and wondered what they should be doing about this as a customer of Lastpass. I thought that was a great question and below I’ll outline the priority (based on my personal opinion) of what you should do to protect yourself from this breach.

Keep in mind that the list below is not comprehensive but will be a good starting point. Each person’s risk will be different from others, and it depends on the strength of your master password for Lastpass and what you kept in it.  Ultimately, whatever you stored in your Lastpass you’ll need to update and change that informationIt’s best to assume someone already has this information.

  1. Change your Lastpass master password now, assuming you haven’t moved on to a different solution yet.  The longer the password the better.  I recommend a minimum of 24 characters. You need to do this first otherwise anything else you do will be useless since a threat actor (bad person) can log in again and view all the changes you made.
  2. Increase you Password iterations to over 1,000,000. (As of today, industry recommendation is 600K). Password iteration is a method to further make you master password more complex and more difficult to crack.  Keep in mind the bigger the number the longer it takes to unlock your vault. I have mine over a million and it takes a second longer to open my vault, so it’s not too bad. The setting is located in Account Settings > Advance Settings.
  3. Change your main email password(s).  Like a lot of people, many of the services you signed up for are tied to your main email account(s), and often times reset passwords are sent to this email address.  At this point, and for any other accounts you’ll update, you’ll need to generate new backup codes, create new security question/answers, enable 2 factor authentication (if you haven’t already), and refresh your authenticator code generator.  The reason you’ll need to do this is I’ll assume that a threat actor may have logged in and copied the old information and may saved it to use to later.
  4.  Only after your email accounts passwords have been updated and protected you’ll need to change the passwords for these services next:
    Financial institutions: Such as Banks, Brokerage, Loan and tax services, and sites/services that hold your money, credit, and debt.  If credit and debit card info was stored in Lastpass you’ll need to request new cards as well.
    Health provider/services:  These can include medical, dental, vision, etc. services. The information on these accounts can be used to verify your identity.
    Utility Services – Information from these online accounts (Electric, gas, water, etc) may be used to verify your identity.  You may noticed that some places may request a utility bill as proof of residence or identity.
    Shopping and eCommerce:  Any shopping sites or services that stores your payment information (Amazon, eBay, Etsy, Doordash, Uber, etc).
  5. Eventually every password you stored in Lastpass before the breach will need to be updated, the sooner the better.  Use that time to check whether those services/accounts are important or useful otherwise close/delete/deactivate those accounts. This will help reduce your online footprint.  It’s difficult to verify that those services will  be permanently delete or remove your data, so I recommend that you should manually delete any profile information (phone number, address, etc) or change it to gibberish if possible before you “delete” or deactivate those accounts.

I’m sure there are a lot more things you can do to further protect yourself from the Lastpass data breach, but I hope this will help those who are looking for some structure or prioritization recommendations in their efforts to protect themselves.

Stay safe.

Switched to the Darkside

For the longest time I can remember I’ve been an Android phone user, but I recently switched to the new iPhone 14 Pro and I’ve been using it for 3 weeks. The reason for this switch was that I was looking for a more compact and smaller smartphone and the Samsung 21 Ultra and similar size phones I’ve been using have gotten unwieldy.  It’s due to being busier as my kids are now in sports and we are constantly driving them to practices and games.  Having a large phone sloshing around in my shorts or fumbling it in my hands while carrying equipment and camping chairs is annoying.

After the switch to the iPhone I really appreciate the smaller size phone.  It’s much more pocketable and it fits in my cupholder in my car, finally.  Switching to iOS wasn’t a big deal as I have other Apple devices throughout our household such as our iPads.

Overall, the iPhone switch isn’t all perfect. There are a few things that annoy me when compared to my previous Android devices.  First, the gesture navigation on Android is much better. Edge swiping to go “back” is consistent throughout Androidand it makes using the device one handed so much easier.  Second, notification access and management is much more simpler on Android. Lastly, Apple still uses the lightning port for charging.  This is the most annoying for me as we’ve completely switch to USB C at home. Chargers in my car has USB C and my laptop charges with USB C.  I rely on wireless charger when it’s available, and I refuse to buy a lightning cable out of principle and stubbornness.  Fortunately, the iPhone 14 Pro has good battery life, and so far haven’t needed an emergency recharge when I’m out and about.

Will I stick with iOS for the long term?  The jury is still out on that one.  But as of now I’m enjoying my iPhone and it’s simplicity and, more importantly, it’s compact size with all the flagship features other smaller Android phones don’t have.

I’m still around

It’s been over two years since I posted anything. I’m sure there’s no need to explain what happen since, but I’m still around. Life is slowly getting back to normal.

I’ll be back. I promise.

Water Upgrades

If you’ve ever washed your glassware and let it dry and end up getting a white cloudy substance that coats it? That’s the dissolved minerals in your water which is referred to as Hard Water.   You may see it on your faucets, shower doors, and anything that can get wet from your water at home.  Our previous home was not far away, so we use the same water company and the hard water broke one of our coffee makers within a year, and it also broke our ice maker from our fridge. The mineral buildup was difficult to scrap off. Using harsh chemicals wasn’t an option.  I ended up getting a water conditioner (rather than a true water softener).  The conditioner didn’t soften the water. The conditioner gives the minerals an ionic charge that prevents it from clinging to itself.  You still get those white spots, but it was much easier to clean off.  Wiping it with a paper towel was all that was need to clean it up.

I recently installed a water softener for our new house.  It’s awesome and it has been great. I wish I did it when we were living at our old house.  South San Jose is notorious for its hard water.  According to the USGS Website water with dissolved calcium and magnesium of 7 gpg (grains per gallon) or 120 ml/L (milligram per liter) is considered hard water. According to our water provider, Great Oaks Water, their water hardness is 18 gpg (grains per gallon) or 307.8 ml/L (milligram per liter.)  That’s the over 250% over those values.

If you’re struggling to clean up the water spots from your faucets and dishware or your appliances getting clogged up with mineral deposits I highly recommend a softener.  There are other benefits such as softer skin and hair.  I find myself using a lot less lotion, soap, and shampoo.  I have a Fleck 5600STX 64,0000 Grain system that I purchased from Amazon, and I got a plumber to install it.  The system requires me to add a 40 pound bag of salt each month.


Lawn Trouble

When we finally moved into our new home we noticed the grass was dying.  It seems the previous owner might have stopped watering it after we went under contract.  I had no knowledge of how to care for a lawn, so I did the next best thing.  Watch a bunch of Youtube videos on how to do it.

I got some tools, lawn soil, and grass seed.  I raked away the dead grass and turned up the dirt where there was no grass.  I added some new lawn soil, spread and mixed in the grass seeds into the soil.  I watered it everyday and I started to notice some of the seeds beginning to germinate, but I was disappointed at the rate and sparse growth.

One early morning my wife noticed that we had a few little birds hanging out in our backyard.  Curious to see what they were up to I opened the sliding door to my yard and when I took a few steps onto the lawn, and in that moment, several dozens of little birds flew away.  I was shocked. These little birds were feeding on all the grass seeds that I have spread over my lawn past two weeks.  So back to the Youtube videos.

I spent about 10 bucks at Lowe’s and bought a plastic decoy Great Owl to be used to scare rodents and birds.  I was hoping they had a more menacing raptor but from what I read these Great Owls are quite the predator.  I set the plastic Owl on the kid’s play structure and moved it around the backyard every few days.  I’m not sure if this decoy is working or if the cold weather is keeping the birds away.  Anyhow, over the next two months the grass began to grow and it’s been looking a lot greener.

The pictures below will show the 3 month difference.

Dead grass
Dead Grass
Green grass
Green grass

New Year and New Changes

It looks like my yearly blog post is due.  I’ve been meaning write more posts but I’ve been busy and being lazy.  2019 was a busy year to say the least.  My family and I bought a new home and sold our old one.  It was quite the ordeal, but in the end it was all worth it.  In December I got a promotional opportunity at work which I accepted and will start in a week. The most exciting news was the birth of our 4th child, a daughter.  It was a total surprise as we choose not to know the sex of the baby during the pregnancy.  We currently have 3 wonderful boys, so we are thrilled to have a daughter.

I’m not making any promises, but I’ll try to at least make another post before this year ends.  Since moving into our new home I’ve been busy dealing with home issues and home upgrades.  I’ll try to write something up about them on this blog.

Passed my CISM Exam!

After about 3 months of studying I finally took my CISM exam and passed. It was tough. It was a lot tougher than I expected even with all the studying I put in. The CISM focus on mainly on management, so it required a different style of thinking compared to many of my other technical certifications I’ve taken.

If you’re thinking about getting your CISM certification I highly recommend the following book. It’s a lot easier to read than others, and it comes with a great practice test software.

(The book is not an ad nor do I get anything out of it for mentioning it. It’s just a great resource if you’re studying for the CISM exam.)

Poop In the Toilet

One of the biggest milestones as parent is seeing your child poop or pee in the toilet for the first time.  My second oldest son has finally done it.  He’s over 3 and half years old and up until yesterday I didn’t think he was ever going to stop wearing his diaper.

Now that he’s a “Big Boy” I guess my wife and I will have to plan a Disneyland trip; an incentive for his potty efforts.

Website Rebuilt

So I decided to rebuild my WordPress blog.  I migrated to Dreamhost so long ago I don’t even remember when I did it.  Before Dreamhost I hosted the site myself on an old desktop in the living room.

Over a decade with using WordPress I’ve tested a bunch of plugins and and add-ons and stuff.  Anyways, I decided to delete the whole site and imported only the posts and images making the site cleaner.

Next steps for me is to pick a theme and make a few cosmetic changes to the site.

Consumed by Pokemons

Over the last couple of of weeks I got started playing Pokemon Go with my children.  Before I knew it I was sucked into the Pokemon Universe. My wife reluctantly joined in on the party, so now we spend several hours a week walking around our neighborhood looking for these Pokemons. Once I started playing I can see the flexibility of the game makes it very popular.  It’s one of the few games that encourages you to go outside and walk around. You can play alone or play side by side with other players, and in my case it’s with my wife, kids and sometimes with other family members. The only time you really co-op with other players is when you battle against a Pokemon, and even then it’s limited to just attacking and trying to defeat that Pokemon. Win or lose you collect some random loot and you move on.