this post was submitted on 28 Sep 2023
2227 points (98.1% liked)
Memes
45746 readers
2065 users here now
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Just about every centralized service will be breached at some point. At least they have a cybersecurity team and everybody got notified and can act accordingly. If you choose another just because they haven't been hacked, it's just a matter of time. I think they're still a viable option, just be ready to react to notices like these.
Personally, I chose the self-hosted route, but that comes at the cost of maybe never knowing if you get breached until its too late.
Normally I'd agree with you, but in the case of lastpass, I have to disagree. Ever since they're bought by LogMeIn, not only they significantly increased the price, they also have security incidents after security incidents, with the worst one in 2022, not to mention a bunch of vulnerabilities that seems so basic it shouldn't be a problem on other password managers. There were also shenanigans where they seemingly intentionally broke data export to slow down exodus of their users to other password managers.
They were recently spun off as a separate company from GoTo/LogMeIn, but at this point I have lost faith and would not recommend lastpass at all.
Fair enough. Thanks for the extra context.