Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers (thehackernews.com)

submitted 21 hours ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

5 comments fedilink hide all child comments

top 5 comments

sorted by: hot top controversial new old

[-] Arcanoloth@lemmy.ml 10 points 21 hours ago

Because, as usual, the actual info is hard to find: They looked at Bitwarden, LastPass, Dashlane, and 1Password (see https://zkae.io/)

As a user of https://www.passwordstore.org/ (GnuPG+Git, and I use a https://www.nitrokey.com/ and self-host the repo via https://forgejo.org/) I feel:

a) Overlooked b) Vindicated c) Quite safe

;-)

[-] osanna@thebrainbin.org 7 points 21 hours ago

this.... makes me want to host my own bitwarden instance, because it'll be far less of a target than BW itself. Plus i wouldn't expose it to the internet since I'm being NAT.

[-] osanna@thebrainbin.org 7 points 19 hours ago

aaaand it's up and running. since I wasn't a paying member of BW, i got VW and checked out the breached passwords. I had like 8 passwords that were breached. So i went along and changed them. Anyway, I feel a bit safer now.

[-] cron@feddit.org 4 points 15 hours ago

Well done. Vaultwarden is quite easy to selfhost.

[-] Pacrat173@lemmy.ml 4 points 17 hours ago

I think I’ll be joining you I’ve been meaning to get around to that and this is as good a time as any.

this post was submitted on 17 Feb 2026

31 points (97.0% liked)

Cybersecurity

9574 readers

113 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social