Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsDesktop computingPassword Storage services
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | ... | 10
Lias
5589 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #3013451 23-Dec-2022 14:07
Send private message

GV27:

 

Lastpass breach is almost as bad as it can get. 

 

Absolutely staggering. Whatever is left of it will be sued into the ground.

 

 

Yep it just keeps getting worse and worse.

 

If anyone's missed the latest update, after saying no customer data was taken, now it's all customer data was taken. Any customer data such as user/company name, address, email, phone, IP, as well as copies of the password vaults which apparently contain unencrypted URL information alongside the encrypted data.




I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.



GV27
5897 posts

Uber Geek


  #3013508 23-Dec-2022 15:29
Send private message

Yup. You are now reliant on the strength of your master password to protect your data. Changing it now is no good. They have that data offline. Some of it was unencrypted in the first place. The potential for targeted phishing has just gone through the roof for LP users. 

jarledb
Webhead
3257 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3013513 23-Dec-2022 16:00
Send private message

Lias:

 

Yep it just keeps getting worse and worse.

 

If anyone's missed the latest update, after saying no customer data was taken, now it's all customer data was taken. Any customer data such as user/company name, address, email, phone, IP, as well as copies of the password vaults which apparently contain unencrypted URL information alongside the encrypted data.

 

 

Luckily never started using Lastpass. And after their previous security issues I have stayed well clear.

 

It is mind boggling that they still hadn't made sure their security was fool-proof.

 

I mean, this has been going on for some time.

 

From Wikipedia:

 

 




Jarle Dahl Bergersen | Referral Links: Want $50 off when you join Octopus Energy? Use this referral code
Are you happy with what you get from Geekzone? Please consider supporting us by making a donation or subscribing.



Tinkerisk
4227 posts

Uber Geek


  #3013561 23-Dec-2022 16:32
Send private message

Bitwarden Premium + YubiKeys




- NET: FTTH, OPNsense, 10G backbone, GWN APs, ipPBX
- SRV: 12 RU HA server cluster, 0.1 PB storage on premise
- IoT:   thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D:    two 3D printers, 3D scanner, CNC router, laser cutter

Lias
5589 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #3013563 23-Dec-2022 16:52
Send private message

I ditched them for BitWarden a long time ago and told them to delete my account which hopefully they actually did.. and my master password was strong.. so I'm hopeful I won't be impacted personally..




I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.

Senecio
2710 posts

Uber Geek

ID Verified
Lifetime subscriber

  #3013579 23-Dec-2022 18:57
Send private message

I've been meaning to move to BitWarden now for two years and every time I leave it too late and just pay for another year of family for my wife and I. 

 

If I'm going to have to go to the trouble of changing every pass word in our vaults it looks like now is the time I will finally follow through.

michaelmurfy
meow
13243 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3013591 23-Dec-2022 20:12
Send private message

@Senecio migration is super easy. You export from LastPass and import into Bitwarden. I personally find Bitwarden so much more polished.

Also learn the auto fill keyboard shortcut for browsers. It’s handy.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

 
 
 
 

Move to New Zealand's best fibre broadband service (affiliate link). Note that to use Quic Broadband you must be comfortable with configuring your own router.
rb99
3423 posts

Uber Geek

Lifetime subscriber

  #3013719 24-Dec-2022 09:11
Send private message

So...if you move from LastPass to say Bitwarden -

 

is there any reason to assume you passwords are any safer there than at LastPass ?

 

if you move should you just copy passwords over is it better to change them ?




“The modern conservative is engaged in one of man's oldest exercises in moral philosophy; that is, the search for a superior moral justification for selfishness.” -John Kenneth Galbraith

 

rb99

Jase2985
13459 posts

Uber Geek

ID Verified
Lifetime subscriber

  #3013731 24-Dec-2022 10:38
Send private message

the only thing protecting your lastpass passwords is your master password, if that was weak there is a chance it could be compromised now or sometime in the future.

 

i dont think bitwarden has been breached, a quick google search doesnt show anything.

 

 

timmmay
20579 posts

Uber Geek

Trusted
Lifetime subscriber

  #3013732 24-Dec-2022 10:39
Send private message

I'd change them, at least the key ones. With self hosted Bit warden / VaultWarden I've set up firewall rules so it can only be accessed from my public IP, for additional security.

VaultWarden is a third party implementation that uses significantly less resources than the open source BW server. I have an AWS t3a.nano with 512MB of ram and a bit of swap running Nginx, php, MySQL, Sync thing, and VaultWarden in a docker container. It would easily run on a R.Pi.

Senecio
2710 posts

Uber Geek

ID Verified
Lifetime subscriber

  #3013733 24-Dec-2022 10:40
Send private message

I’m going to change them. If your LastPass master password is compromised and you haven’t changed your passwords then it doesn’t matter if you have moved to Bitwarden or not then your accounts will still be compromised.

I’m in the middle of doing this now.

22 passwords changed, only 160 to go!

rb99
3423 posts

Uber Geek

Lifetime subscriber

  #3013735 24-Dec-2022 10:48
Send private message

Maybe t'other half is right - stick to pen and paper




“The modern conservative is engaged in one of man's oldest exercises in moral philosophy; that is, the search for a superior moral justification for selfishness.” -John Kenneth Galbraith

 

rb99

GV27
5897 posts

Uber Geek


  #3013835 25-Dec-2022 09:30
Send private message

Going to have to revisit 2FA via SMS as well, might look to set up a separate number for that. 

johno1234
2803 posts

Uber Geek


  #3013838 25-Dec-2022 09:40
Send private message

Dang. Changing all those passwords will take a while.

Mehrts
1063 posts

Uber Geek

Trusted

  #3013842 25-Dec-2022 09:55
Send private message

johno1234: Dang. Changing all those passwords will take a while.


Security and convenience come at a compromise to each other unfortunately.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | ... | 10
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright