LastPass's cloud service suffered a five-hour outage today that left some people unable to use the password manager to log into their internet accounts.
Its makers said offline mode wasn't affected – and that only its cloud-based password storage fell offline – although some Twitter folks disagreed. One claimed to be unable to log into any accounts whether in “local or remote” mode of the password manager, while another couldn't access their local vault.
The solution, apparently, was to disconnect from the network. That forced LastPass to use account passwords cached on the local machine, rather than pull down credentials from its cloud-hosted password vaults. Folks store login details remotely using LastPass so they can be used and synchronized across multiple devices, backed up in the cloud, shared securely with colleagues, and so on.
The problems first emerged at 1408 UTC on November 20, with netizens reporting an “intermittent connectivity issue” when trying to use LastPass to fill in their passwords to log into their internet accounts. Unlucky punters were, therefore, unable to get into their accounts because LastPass couldn't cough up the necessary passwords from its cloud.
The software's net admins worked fast, according to the organisation's status page. Within seven minutes of trouble, the outfit posted: “The Network Operations Center have identified the issue and are working to resolve the issue.”
The biz also reassured users that there was no security vulnerability, exploit, nor hack attack involved:
UPDATE: Our team is still working the case but here’s what we can share: we’ve isolated the issue to be a data center connectivity problem – our team is working hard to fix it as we type. Additionally, we want to clarify any chatter: this is not a security related issue. 1/2— LastPass (@LastPass) November 20, 2018
Connectivity is a recurrent theme in LastPass outages: in May, LogMeIn, the developers behind LastPass, suffered a DNS error in the UK that locked Blighty out of the service.
The service returned at nearly 2000 UTC today, when the status team posted: “We have confirmed that internal tests are working fine and LastPass is operational. We are continuing to monitor the situation to ensure there are no further issues.”
The Register will watch with interest for LastPass to publish a postmortem. ®