More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

  • Lucidlethargy@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    7
    ·
    1 year ago

    There’s no such thing as an impenetrable password manager. I keep my most secure passwords in my head, and so should everyone.

    Even if the software were perfect, people aren’t. Anyone can be fooled under the right circumstances. It’s better to expose one service than all of them at once.

    • PlexSheep@feddit.de
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Your head cannot be securely backed up, and you are not resistant to major thread actors (torture, and so on)

    • Ado@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      How would someone steal my password and my physical yubikey for 2fa?