Have you stopped relying on LastPass since the August 2022 and December 2022 breaches?
It didn't work for the DevOps engineer, MFA is Multi-Factor Authentication (2 or more factors).
Comment has been collapsed.
I store my passwords locally in a KeePassXC database stored in my own drives.
I don't trust cloud password managers because they're a big target for hackers and the leaks are just a matter of time.
Comment has been collapsed.
Well... We're crossing topics. I'm replying to the poll, not to the article.
Sorry for the confusion.
Comment has been collapsed.
“This was accomplished by targeting the DevOps engineer’s home computer and exploiting a vulnerable third-party media software package, which enabled remote code execution capability and allowed the threat actor to implant keylogger malware,”
I like how they try so very hard to say "look, it's not our fault" when really it is because I don't care how many is "a handful of company developers", how the hell does a guy working in what is essentially a security company get a keylogger on his computer and has no idea?
Comment has been collapsed.
Like that is the only problem with this sentence.. They literally had 1 job........... It's like being a cook and serving mud xD
Comment has been collapsed.
Agreed.
They can lock these things tight and encrypt them to hell and back. The problem is always going to come from the human element.
Until they are run by machines from top to bottom, these vaults will never be as "secure" as they advertise them to be.
Comment has been collapsed.
It is safer to keep your passwords in a plain .txt file on your desktop at this point. No encryption, just plain passwords.
Comment has been collapsed.
Should've added the /j at the end to indicate it's a joke.
Comment has been collapsed.
I always thought Passwords vaults are stupid and pointless. You get all of your passwords and accounts and put them under one account. How is that better or safer in any way whatsoever? Just use 2FA, and if you really can't remember your passwords and don't trust having them on a local file or cloud file, get a notebook. No one will hack your paper notebook.
Comment has been collapsed.
They are actually not pointless and even useful since so many people use a password vault without noticing (a.k.a Google Chrome) and that's already a bad situation, trusting a big corporation that has so many info about you, imagine a leak there. Anyway, there are offline password vaults and the databases can be synced between local devices with something like Syncthing. Of course keeping a paper notebook is the best but using an offline vault is more practical.
Comment has been collapsed.
2,046 Comments - Last post 16 minutes ago by MeguminShiro
300 Comments - Last post 1 hour ago by FoothWith
27 Comments - Last post 1 hour ago by Chris76de
8,419 Comments - Last post 2 hours ago by VicViperV
10 Comments - Last post 4 hours ago by Hassat
724 Comments - Last post 4 hours ago by ZPE
11 Comments - Last post 5 hours ago by Wok
33 Comments - Last post 51 seconds ago by madsession
6 Comments - Last post 7 minutes ago by GabreeEL
44 Comments - Last post 7 minutes ago by KuhJoe
15,096 Comments - Last post 21 minutes ago by adam1224
807 Comments - Last post 43 minutes ago by philipdick
2,404 Comments - Last post 50 minutes ago by TinaG
7 Comments - Last post 55 minutes ago by Chris76de
Another bombshell drops
https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/
Comment has been collapsed.