Security Incident Update and Recommended Actions - The LastPass Blog
blog.lastpass.com
An important update about the security incident.

TL;DR: Last Pass is broken. All passwords at the time of the breach were taken. They also got internal secrets from a laptop and can now probably throw computational power at anything they want to decrypt.

Switch. Do not use. Change everything you have if you were using it. Treat everything as breached.

  • tagen
    ·
    1 year ago

    deleted by creator

    • aaaaaaadjsf [he/him, comrade/them]
      ·
      2 years ago

      I mean that's how password managers work. They have to store something on online. And as we know online/the cloud is just someone else's server or computer. And even if it's just the encrypted part of the password, or its technically "unhackable", when there's a will, there's always a way to hack something.

    • edge [he/him]
      ·
      2 years ago

      If they aren't stored online you can't log in to sites unless you have access to the computer you stored them on.