Password service LastPass was forced to increase its security

Padlock broken hacking doorDavid Silverman/Getty ImagesLastPass had to fix its security.

Password manager LastPass was forced to up its security measures following the release of research showing just how easy it is to convince its customers to hand over their password, The Register reports.

LastPass is a piece of software that keeps lots of different passwords in one place. It makes it easier to manage lots of complex passwords.

But security researcher Sean Cassidy published a blog post that showed how it could take criminals “less than a day” to build a spoof version of LastPass that could convince people to hand over their email address and passwords.

Fake LastPass loginSean CassidyCassidy’s fake LastPass login screen.

In response to Cassidy’s post, LastPass upped the security requirements for people trying to log into the service. Anybody logging into the service now has to visit their email inbox and manually approve every sign-in attempt. That makes it harder for criminals to steal any passwords.

LastPass published a blog post responding to Cassidy’s research. It says that its verification procedure “significantly reduces the threat of this phishing attack.” It said that users with two-factor authentication enabled (where multiple devices are needed to log into a service) would still have to use email verification to avoid any fake versions of the site.

NOW WATCH: This new phone crushes the iPhone in one key area

NOW WATCH: Tech Insider videos

Want to read a more in-depth view on the trends influencing Australian business and the global economy? BI / Research is designed to help executives and industry leaders understand the major challenges and opportunities for industry, technology, strategy and the economy in the future. Sign up for free at research.businessinsider.com.au.