Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsDesktop computingPassword Storage services
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | ... | 10
Lias
5224 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #3013451 23-Dec-2022 14:07
Send private message

GV27:

 

Lastpass breach is almost as bad as it can get. 

 

Absolutely staggering. Whatever is left of it will be sued into the ground.

 

 

Yep it just keeps getting worse and worse.

 

If anyone's missed the latest update, after saying no customer data was taken, now it's all customer data was taken. Any customer data such as user/company name, address, email, phone, IP, as well as copies of the password vaults which apparently contain unencrypted URL information alongside the encrypted data.




I'm a geek, a gamer, a dad and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it.

 
 
 
 

GoodSync. Easily back up and sync your files with GoodSync. Simple and secure file backup and synchronisation software will ensure that your files are never lost (affiliate link).
GV27
5418 posts

Uber Geek


  #3013508 23-Dec-2022 15:29
Send private message

Yup. You are now reliant on the strength of your master password to protect your data. Changing it now is no good. They have that data offline. Some of it was unencrypted in the first place. The potential for targeted phishing has just gone through the roof for LP users. 

jarledb
Webhead
3114 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3013513 23-Dec-2022 16:00
Send private message

Lias:

 

Yep it just keeps getting worse and worse.

 

If anyone's missed the latest update, after saying no customer data was taken, now it's all customer data was taken. Any customer data such as user/company name, address, email, phone, IP, as well as copies of the password vaults which apparently contain unencrypted URL information alongside the encrypted data.

 

 

Luckily never started using Lastpass. And after their previous security issues I have stayed well clear.

 

It is mind boggling that they still hadn't made sure their security was fool-proof.

 

I mean, this has been going on for some time.

 

From Wikipedia:

 

 




Jarle Dahl Bergersen | https://keybase.io/jarledb - Referral Links: Buying a Tesla? Get free extras by using my referral code.
Are you happy with what you get from Geekzone? Please consider supporting us by making a donation or subscribing.



Tinkerisk
3046 posts

Uber Geek


  #3013561 23-Dec-2022 16:32

Bitwarden Premium + YubiKeys




- NET: FTTH, OPNsense, 10G backbone, GWN APs, ipPBX
- SRV: HA server cluster, 0.1PB storage capacity on premise
- IoT:   thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D:    two 3D printers, 3D scanner, CNC router, laser cutter

Lias
5224 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #3013563 23-Dec-2022 16:52
Send private message

I ditched them for BitWarden a long time ago and told them to delete my account which hopefully they actually did.. and my master password was strong.. so I'm hopeful I won't be impacted personally..




I'm a geek, a gamer, a dad and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it.

Senecio
2157 posts

Uber Geek

ID Verified
Lifetime subscriber

  #3013579 23-Dec-2022 18:57
Send private message

I've been meaning to move to BitWarden now for two years and every time I leave it too late and just pay for another year of family for my wife and I. 

 

If I'm going to have to go to the trouble of changing every pass word in our vaults it looks like now is the time I will finally follow through.

michaelmurfy
cat
12220 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3013591 23-Dec-2022 20:12
Send private message

@Senecio migration is super easy. You export from LastPass and import into Bitwarden. I personally find Bitwarden so much more polished.

Also learn the auto fill keyboard shortcut for browsers. It’s handy.




Michael Murphy | https://murfy.nz
Referral Links: Tessie | Tesla | Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.



rb99
3004 posts

Uber Geek

Lifetime subscriber

  #3013719 24-Dec-2022 09:11
Send private message

So...if you move from LastPass to say Bitwarden -

 

is there any reason to assume you passwords are any safer there than at LastPass ?

 

if you move should you just copy passwords over is it better to change them ?




“The modern conservative is engaged in one of man's oldest exercises in moral philosophy; that is, the search for a superior moral justification for selfishness.” -John Kenneth Galbraith

 

rb99

Jase2985
12347 posts

Uber Geek

ID Verified
Lifetime subscriber

  #3013731 24-Dec-2022 10:38
Send private message

the only thing protecting your lastpass passwords is your master password, if that was weak there is a chance it could be compromised now or sometime in the future.

 

i dont think bitwarden has been breached, a quick google search doesnt show anything.

 

 

timmmay
19622 posts

Uber Geek

Trusted
Lifetime subscriber

  #3013732 24-Dec-2022 10:39
Send private message

I'd change them, at least the key ones. With self hosted Bit warden / VaultWarden I've set up firewall rules so it can only be accessed from my public IP, for additional security.

VaultWarden is a third party implementation that uses significantly less resources than the open source BW server. I have an AWS t3a.nano with 512MB of ram and a bit of swap running Nginx, php, MySQL, Sync thing, and VaultWarden in a docker container. It would easily run on a R.Pi.

Senecio
2157 posts

Uber Geek

ID Verified
Lifetime subscriber

  #3013733 24-Dec-2022 10:40
Send private message

I’m going to change them. If your LastPass master password is compromised and you haven’t changed your passwords then it doesn’t matter if you have moved to Bitwarden or not then your accounts will still be compromised.

I’m in the middle of doing this now.

22 passwords changed, only 160 to go!

rb99
3004 posts

Uber Geek

Lifetime subscriber

  #3013735 24-Dec-2022 10:48
Send private message

Maybe t'other half is right - stick to pen and paper




“The modern conservative is engaged in one of man's oldest exercises in moral philosophy; that is, the search for a superior moral justification for selfishness.” -John Kenneth Galbraith

 

rb99

GV27
5418 posts

Uber Geek


  #3013835 25-Dec-2022 09:30
Send private message

Going to have to revisit 2FA via SMS as well, might look to set up a separate number for that. 

johno1234
1329 posts

Uber Geek


  #3013838 25-Dec-2022 09:40
Send private message

Dang. Changing all those passwords will take a while.

Mehrts
855 posts

Ultimate Geek

Trusted

  #3013842 25-Dec-2022 09:55
Send private message

johno1234: Dang. Changing all those passwords will take a while.


Security and convenience come at a compromise to each other unfortunately.




Thinking about buying a Tesla? Feel free to use my referral link to get a few good perks when you order!

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | ... | 10
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Samsung Announces Galaxy AI
Posted 28-Nov-2023 14:48

Epson Launches EH-LS650 Ultra Short Throw Smart Streaming Laser Projector
Posted 28-Nov-2023 14:38

Fitbit Charge 6 Review 
Posted 27-Nov-2023 16:21

Cisco Launches New Research Highlighting Gap in Preparedness for AI
Posted 23-Nov-2023 15:50

Seagate Takes Block Storage System to New Heights Reaching 2.5 PB
Posted 23-Nov-2023 15:45

Seagate Nytro 4350 NVMe SSD Delivers Consistent Application Performance and High QoS to Data Centers
Posted 23-Nov-2023 15:38

Amazon Fire TV Stick 4k Max (2nd Generation) Review
Posted 14-Nov-2023 16:17

Over half of New Zealand adults surveyed concerned about AI shopping scams
Posted 3-Nov-2023 10:42

Super Mario Bros. Wonder Launches on Nintendo Switch
Posted 24-Oct-2023 10:56

Google Releases Nest WiFi Pro in New Zealand
Posted 24-Oct-2023 10:18

Amazon Introduces All-New Echo Pop in New Zealand
Posted 23-Oct-2023 19:49

HyperX Unveils Their First Webcam and Audio Mixer Plus
Posted 20-Oct-2023 11:47

Seagate Introduces Exos 24TB Hard Drives for Hyperscalers and Enterprise Data Centres
Posted 20-Oct-2023 11:43

Dyson Zone Noise-Cancelling Headphones Comes to New Zealand
Posted 20-Oct-2023 11:33

The OPPO Find N3 Launches Globally Available in New Zealand Mid-November
Posted 20-Oct-2023 11:06








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







MyHeritage






RSS feeds
Main feed
Forums feed
Copyright
©2002-2023 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Affiliate links
Mighty Ape
Sharesies
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.