Geekzone: technology news, blogs, forums
Lias
5655 posts

Uber Geek
+1 received by user: 3978

ID Verified
Trusted
Lifetime subscriber

  #3013451 23-Dec-2022 14:07

GV27:

 

LastPass breach is almost as bad as it can get.

 

Absolutely staggering. Whatever is left of it will be sued into the ground.

 

 

Yep it just keeps getting worse and worse.

 

If anyone's missed the latest update, after saying no customer data was taken, now it's all customer data was taken. Any customer data such as user/company name, address, email, phone, IP, as well as copies of the password vaults which apparently contain unencrypted URL information alongside the encrypted data.





I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup. Opinions are my own and not the views of my employer.




GV27
5977 posts

Uber Geek
+1 received by user: 4212


  #3013508 23-Dec-2022 15:29

Yup. You are now reliant on the strength of your master password to protect your data. Changing it now is no good. They have that data offline. Some of it was unencrypted in the first place. The potential for targeted phishing has just gone through the roof for LP users. 


jarledb
Webhead
3319 posts

Uber Geek
+1 received by user: 1983

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3013513 23-Dec-2022 16:00

Lias:

 

Yep it just keeps getting worse and worse.

 

If anyone's missed the latest update, after saying no customer data was taken, now it's all customer data was taken. Any customer data such as user/company name, address, email, phone, IP, as well as copies of the password vaults which apparently contain unencrypted URL information alongside the encrypted data.

 

 

Luckily never started using LastPass. And after their previous security issues I have stayed well clear.

 

It is mind boggling that they still hadn't made sure their security was fool-proof.

 

I mean, this has been going on for some time.

 

From Wikipedia:

 

 





Jarle Dahl Bergersen | Referral Links: Want $50 off when you join Octopus Energy? Use this referral code




Tinkerisk
4798 posts

Uber Geek
+1 received by user: 3660


  #3013561 23-Dec-2022 16:32

Bitwarden Premium + YubiKeys





- NET: FTTH & VDSL, OPNsense, 10G backbone, GWN APs
- SRV: 12 RU HA server cluster, 0.1 PB storage on premise
- IoT:   thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D:    two 3D printers, 3D scanner, CNC router, laser cutter


Lias
5655 posts

Uber Geek
+1 received by user: 3978

ID Verified
Trusted
Lifetime subscriber

  #3013563 23-Dec-2022 16:52

I ditched them for BitWarden a long time ago and told them to delete my account which hopefully they actually did.. and my master password was strong.. so I'm hopeful I won't be impacted personally..







Senecio
2853 posts

Uber Geek
+1 received by user: 3163

ID Verified
Lifetime subscriber

  #3013579 23-Dec-2022 18:57

I've been meaning to move to BitWarden now for two years and every time I leave it too late and just pay for another year of family for my wife and I. 

 

If I'm going to have to go to the trouble of changing every password in our vaults it looks like now is the time I will finally follow through.


michaelmurfy
meow
13580 posts

Uber Geek
+1 received by user: 10910

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3013591 23-Dec-2022 20:12

@Senecio migration is super easy. You export from LastPass and import into Bitwarden. I personally find Bitwarden so much more polished.

Also learn the auto fill keyboard shortcut for browsers. It’s handy.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Opinions are my own and not the views of my employer.


rb99
3505 posts

Uber Geek
+1 received by user: 1830

Lifetime subscriber

  #3013719 24-Dec-2022 09:11

So...if you move from LastPass to say Bitwarden -

is there any reason to assume your passwords are any safer there than at LastPass?

if you move should you just copy passwords over or is it better to change them?





“The modern conservative is engaged in one of man's oldest exercises in moral philosophy; that is, the search for a superior moral justification for selfishness.” -John Kenneth Galbraith

 

rb99


Jase2985
13732 posts

Uber Geek
+1 received by user: 6205

ID Verified
Lifetime subscriber

  #3013731 24-Dec-2022 10:38

The only thing protecting your LastPass passwords is your master password, if that was weak there is a chance it could be compromised now or sometime in the future.

I don't think Bitwarden has been breached, a quick Google search doesn't show anything.

 

 


timmmay
20858 posts

Uber Geek
+1 received by user: 5350

Trusted
Lifetime subscriber

  #3013732 24-Dec-2022 10:39

I'd change them, at least the key ones. With self-hosted Bitwarden / VaultWarden I've set up firewall rules so it can only be accessed from my public IP, for additional security.

VaultWarden is a third-party implementation that uses significantly fewer resources than the open source BW server. I have an AWS t3a.nano with 512MB of RAM and a bit of swap running Nginx, PHP, MySQL, Syncthing, and VaultWarden in a Docker container. It would easily run on a R.Pi.

Senecio
2853 posts

Uber Geek
+1 received by user: 3163

ID Verified
Lifetime subscriber

  #3013733 24-Dec-2022 10:40

I’m going to change them. If your LastPass master password is compromised and you haven’t changed your passwords then it doesn’t matter if you have moved to Bitwarden or not, your accounts will still be compromised.

I’m in the middle of doing this now.

22 passwords changed, only 160 to go!

 
 
 
 

rb99
3505 posts

Uber Geek
+1 received by user: 1830

Lifetime subscriber

  #3013735 24-Dec-2022 10:48

Maybe t'other half is right - stick to pen and paper







GV27
5977 posts

Uber Geek
+1 received by user: 4212


  #3013835 25-Dec-2022 09:30

Going to have to revisit 2FA via SMS as well, might look to set up a separate number for that. 


johno1234
3352 posts

Uber Geek
+1 received by user: 2843


  #3013838 25-Dec-2022 09:40

Dang. Changing all those passwords will take a while.

Mehrts
1112 posts

Uber Geek
+1 received by user: 984

Trusted

  #3013842 25-Dec-2022 09:55

johno1234: Dang. Changing all those passwords will take a while.


Security and convenience come at a compromise to each other unfortunately.

