More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

  • @tst123
    link
    English
    16
    edit-2
    1 year ago

    deleted by creator

    • @smolyeet
      link
      English
      161 year ago

      The idea is fine. Still trusting lastpass was the bad idea. Others have much better implementations to protector your vault and don’t drop the ball on security time after time.

      • @[email protected]
        link
        fedilink
        English
        -11 year ago

        They might have better implementation, but that only means it will take longer time before a data breach happens, it doesn’t stop them.

        • @[email protected]
          link
          fedilink
          English
          51 year ago

          A data breach isn’t an issue by itself. It’s only an issue if it’s possible to decrypt your passwords.

    • @[email protected]
      link
      fedilink
      English
      131 year ago

      It’s OK as long as you’re the only one with the key to it.

      If your storage provider can decrypt it, so can anybody who hacks them or works for them.

      Sometimes these are the same people.

      • @[email protected]
        link
        fedilink
        English
        141 year ago

        I use Syncthing to keep my Keepass files synchronized on my devices. All the benefits of cloud storage, but my password file never leaves my control.

          • @[email protected]
            link
            fedilink
            English
            31 year ago

            Personally I don’t like to rely on anyone’s cloud services for mission critical applications like password storage, since they have a history of being discontinued without notice.

            I do trust Mozilla a lot more than Google, though.

            With Syncthing at least if the discovery servers go down you still have a local copy as well as off-site backups, and can easily migrate to some other sync solution as your password manager is not tied to your browser.

            • @[email protected]
              link
              fedilink
              English
              11 year ago

              I would argue that email is similarly as critical, yet Selfhosting email is a bad idea practically and from a security standpoint. Your argument does not apply in general.