this post was submitted on 07 Sep 2023
981 points (99.0% liked)

Technology

59581 readers
3372 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 76 points 1 year ago (3 children)

These guys saved their seed phrases to LastPass, not just account passwords. You can't just change your seeds without moving funds to a new wallet.

The main lesson here is never store your seeds in digital form, ever. Write it down by hand on paper at creation and then take additional efforts to safeguard it.

[–] [email protected] 9 points 1 year ago (3 children)

I just store recovery phrases of all kinds on an encrypted USB stick (which is obviously only connected to my PC when I need to put a new one in or use it (which so far has happened never)), I feel like that is secure enough for me, although if I could laminate at home I might print and make small cards in a separate a card wallet. Any other way I feel like I would eventually lose them, the particular USB drive ive had for over 15 years, it is 512 MB lol.

[–] [email protected] 36 points 1 year ago (4 children)

USB sticks are not very reliable and can become totally unreadable randomly. I hope you at least have a few backups of it

[–] [email protected] 15 points 1 year ago* (last edited 1 year ago) (1 children)

Yeah, they are horribly unreliable.

I got myself 5 sticks, put the same data on all 5.

1st was dead within a month. 2nd & 3rd both dead in 4m, 4th dead in 6m. The 5th is still alive 3 years later.

It's a shit lottery, don't play it, modern flash drives are absolutely garbage. Yet I still have a whole pile of 1,2, 4 GB flash drives from over a decade ago and they all still work.

[–] [email protected] 3 points 1 year ago

Old flash drives used to be all SLC.

Newer ones, use the cheapest tech for the same capacity, with QLC being about 16 times less reliable than SLC.

[–] [email protected] 8 points 1 year ago (1 children)

Carve it in granite and bury it underground so that future archaeologists can be confused over their meaning.

[–] [email protected] 4 points 1 year ago

"Great Scott! Jameson come look at this tablet! What does Amazon: [email protected] 6942069 mean!?"

[–] [email protected] 2 points 1 year ago

At least better than the cloud.

[–] [email protected] -1 points 1 year ago

USB sticks can be very different. I would recommend using small M.2 SSD in a stick enclosure.

[–] [email protected] 2 points 1 year ago

I would duplicate to at least 2 sticks, and also a written form that you keep stored with important documents, like a safe with your SSN, birth certificate, etc.

[–] [email protected] 1 points 1 year ago

For any significant amount of money, the seed should never even touch a PC. No USBs, no printers.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

I wrote my seed information down for my poop coin wallet directly on Charmin double ply and then promptly wiped my ass with it and flushed.

All my apes gone!

[–] CryptoRoberto 2 points 1 year ago (1 children)

Shit coin is far superior than poop coin. All the apes have shit coin. You never lose the password to shit coin, there's always more shit coin passwords.

[–] lustrum 1 points 1 year ago

How were the wallets cracked? Cracked the master password?