LastPass security breach linked to $35 million stolen in crypto heists
www.theverge.com
Researchers found that almost every victim was a LastPass user.

More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

  • @[email protected]English
    -51 year ago

    There’s no such thing as an impenetrable password manager. I keep my most secure passwords in my head, and so should everyone.

    Even if the software were perfect, people aren’t. Anyone can be fooled under the right circumstances. It’s better to expose one service than all of them at once.

    • @[email protected]English
      41 year ago

      Your head cannot be securely backed up, and you are not resistant to major thread actors (torture, and so on)

    • @AdoEnglish
      11 year ago

      How would someone steal my password and my physical yubikey for 2fa?