TL;DR: Last Pass is broken. All passwords at the time of the breach were taken. They also got internal secrets from a laptop and can now probably throw computational power at anything they want to decrypt.

Switch. Do not use. Change everything you have if you were using it. Treat everything as breached.

  • edge [he/him]
    ·
    2 years ago

    Only if you re-use passwords which is probably the worst thing you can do. No amount of muscle memory is going to help you remember a unique, randomly generated password like 72^@Bjh81N5QmEN6 for every single website.

      • edge [he/him]
        ·
        2 years ago

        You can still download Bitwarden and enable it in private browsing. Or you can just set your browser to clear on exit in normal sessions but still use the built in password manager. It's much more secure to use randomly generated passwords unique to each website than to use anything you can type, especially if you're reusing a password.