Lastpass hacked again!

[Quartz]

LastPass says employee’s home computer was hacked and corporate vault taken

Already smarting from a breach that stole customer vaults, LastPass has more bad news.

arstechnica.com

It's not looking good. There's nothing on their website about this latest breach. I've just checked and I have about 300 accounts stored there.

And with my car woes, I am NOT having a good day.

 

[Deleted member 77746]

Everyone needs to come away from them asap.

Authy and Bitwarden / Vaultwarden combo - For the win.

 

[MCFC_ANDY]

oh hell, best i exit stage left from there, got all my passwords on there

 

[darael]

And this is why I will never move away from saving my passwords locally with Mozilla, protected by a master password. Sure it's a little inconvenient sometimes, but that's a small price to pay.

 

[montymint]

Everyone needs to come away from them asap.

Authy and Bitwarden / Vaultwarden combo - For the win.

I use Authy / 1PAssword

 

[chili]

Question:- So you have moved away from lastpass, how do you ensure you delete all your password and logins that you have stored with them, so you can safely leave lastpass behind?

 

[chili]

And this is why I will never move away from saving my passwords locally with Mozilla, protected by a master password. Sure it's a little inconvenient sometimes, but that's a small price to pay.

How does this work, am a novice hence the question

 

[Deleted member 77746]

Question:- So you have moved away from lastpass, how do you ensure you delete all your password and logins that you have stored with them, so you can safely leave lastpass behind?

Export your data then remove everything once you have confirmed export successful and somewhere else is set up then just delete your account.

 

[Deleted member 77746]

And this is why I will never move away from saving my passwords locally with Mozilla, protected by a master password. Sure it's a little inconvenient sometimes, but that's a small price to pay.

Do you access your passwords on multiple devices?

 

[Pigeon_Killer]

Makes no difference in reality, their name's dirt and they're finished.

 

[darael]

How does this work, am a novice hence the question

Firefox just saves my passwords on my computer. I then choose to enable master password in Firefox to double the protection.

Do you access your passwords on multiple devices?

Thankfully, no, not very often or very few of them.

 

[Deleted member 77746]

Thankfully, no, not very often or very few of them.

That's the difference, if you like me using different platforms I think it's best to have a central place. Mine is protected by 2FA as well and also self hosted with hourly backups.

 

[no_1_dave]

I just use my Google account to keep my passwords and usually use their password generator when creating one
The only time I create a memorable password is when I will need access outside of Google (Steam for example). Passwords also sync across to my Android phone so I don't see the point in a 3rd party password vault

 

[Quartz]

Update

Security Bulletin: Recommended Actions for Free, Premium, and Families Customers

Security is vital to your life online, so we’ve created this guide to help you respond to the recent LastPass incident in a way that meets your personal needs.

support.lastpass.com

 

[Semple]

Question:- So you have moved away from lastpass, how do you ensure you delete all your password and logins that you have stored with them, so you can safely leave lastpass behind?

Realistically you should also change your passwords that were stored on LastPass. I only bother to change stuff that either has card information/address details stored, or if the account has any sort of financial value. Everything else I haven't bothered with as it'd only be an inconvenience having to setup/register again, not like someone can make purchases etc.

 

[ChrisD.]

If the previous breaches weren't enough of a warning, I really hope this will convince people to leave them.

 

[teenwolf]

If the previous breaches weren't enough of a warning, I really hope this will convince people to leave them.

i get someone trying to login to my old amazon account daily must have come from the last pass leaks.

 

[ltron]

Last Pass employees should really have separate home and clean work PCs.

 

[ltron]

If the previous breaches weren't enough of a warning, I really hope this will convince people to leave them.

How have they managed to screw up so much? I thought they were supposed to be good.

 

[ChrisD.]

How have they managed to screw up so much? I thought they were supposed to be good.

They haven’t been good for years.