988
More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user (www.theverge.com)
submitted 10 months ago by [email protected] to c/[email protected]
187 comments fedilink hide all child comments

More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

you are viewing a single comment's thread
view the rest of the comments
[-] [email protected] 42 points 10 months ago

Pro Tip: You don't need to give a private company all of your passwords. That literally defeats the purpose of having passwords.

[-] [email protected] 11 points 10 months ago

A-fucking-men... but I was always given shit for saying this.

Anything can be hacked or stolen, I don't trust any company to secure my information. :/

[-] [email protected] 7 points 10 months ago

I keep thinking of the people who make their passwords garbled random text impossible to memorize but then they trust an online service to keep it safe and private. When breaches happen, maybe even a post-it note at home would have been more secure.

[-] [email protected] 4 points 10 months ago

Yeah cool post it notes for several hundred sites.

[-] [email protected] 3 points 10 months ago

Better get a notebook then

[-] [email protected] 11 points 10 months ago* (last edited 10 months ago)

Except you’re giving your passwords in an encrypted format. So if the company is trustworthy, it’s safe to let them store your passwords because it’s encrypted in such a way that even the company who own the password manager couldn’t access your passwords even if they wanted to.

(Note the caveat of “IF the company is trustworthy”, which rules out Lastpass)

Now I accept that there are legitimate arguments against storing passwords in the cloud via a password manager… so in that case, you may wish to use a local password manager (like Keepass) instead. But realistically, a typical person isn’t capable of memorising lots of unique, secure passwords… so the passwords need to be written down or stored in a password manager, just to avoid weak passwords or password reuse.

[-] [email protected] 3 points 10 months ago

This. This. This.

I vote for you to be chair person of the board for common sense.

this post was submitted on 07 Sep 2023
988 points (99.0% liked)

Technology

55744 readers
3701 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]