988
submitted 1 year ago by L4s@lemmy.world to c/technology@lemmy.world

More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

you are viewing a single comment's thread
view the rest of the comments
[-] Tibert@compuverse.uk 19 points 1 year ago

The excel spreadsheet can be read by anything. And if someone gets hold of it either through malware or access to the computer, they get all your passwords.

A password manager allows to store the passwords in an encrypted file. The file being encrypted, if the password is strong, may not be accessed easily or fast enough to be worth the effort.

[-] aram855@feddit.cl 0 points 1 year ago

So then why not use pen and paper and be done with it? It's basic opsec

[-] Tibert@compuverse.uk 3 points 1 year ago

It's a solution, but very inconvenient. There is also no backup, in case of destruction.

It is also not encrypted. So anyone stealing it can read it.

A password manager is great for storing sensitive information like password in a secure way, at least if the master password is good enough. And the password manager isn't a shitty one (Lastpass). The online password managers allow syncing, and also often can export a file.

Local password manager can also produce an encrypted backup file which can be stored on a server. While also offering some convenience to log in and storing many random passwords.

this post was submitted on 07 Sep 2023
988 points (99.0% liked)

Technology

59381 readers
1585 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS