In this video I discuss the recent security incident where LastPass got hacked and had their proprietary source code and company information stolen, I also discuss a better, safer alternative to LastPass called KeepassXC which gives you control over your passwords as well as how you can sync your keepass database with syncthing.
LastPass blog post
https://blog.lastpass.com/2022/08/notice-of-recent-security-incident/
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB
Subscribe to my YouTube channel http://goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released.
The same (and much worse) could happen to Bitwarden, at the end password manager services have highly valuable assets and malicious actors will try to attack them. When using a local password manager like KeePassXC, there’s not a single server storing thousands of passwords databases, just one stored locally and off-line in your computer, significantly reducing the risk.
Again? This is at least two times now. I switched to Buttercup because they just use a file you upload to any cloud service (you can even set up your own webdav if you don’t want any company having that file).
Edit: Oh I see. This hack is worse, last time I heard it was leaked passwords and emails.
Password manager services have highly valuable assets (thousands of passwords databases) and malicious actors will try to attack them. You’d be better using an off-line and local password manager like KeePassXC.
Yeah, that can easily be done by Syncthing. It’s basically online, but if you set up your own discovery server and disable relays for syncing, there’s virtually no way apart from completely breaking TLS to get the data.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !security@lemmy.ml
The same (and much worse) could happen to Bitwarden, at the end password manager services have highly valuable assets and malicious actors will try to attack them. When using a local password manager like KeePassXC, there’s not a single server storing thousands of passwords databases, just one stored locally and off-line in your computer, significantly reducing the risk.
KeePassXC >> KeePass, IMHO
Again? This is at least two times now. I switched to Buttercup because they just use a file you upload to any cloud service (you can even set up your own webdav if you don’t want any company having that file).
Edit: Oh I see. This hack is worse, last time I heard it was leaked passwords and emails.
Bitwarden is a good option
Password manager services have highly valuable assets (thousands of passwords databases) and malicious actors will try to attack them. You’d be better using an off-line and local password manager like KeePassXC.
Only offline a database is safe.
Just make sure you back it up to multiple places, and keep the backups up to date.
Yeah, that can easily be done by Syncthing. It’s basically online, but if you set up your own discovery server and disable relays for syncing, there’s virtually no way apart from completely breaking TLS to get the data.