Viewing a single comment thread. View all comments

moekakiryu t1_j1h1fl5 wrote

>Typically they have handled hacks well in the past but they really screwed the pooch this time.

Yeah that (and ease of use) was one of the reasons I actually went with Lastpass - they actually have a known history of being open, and disclosing risks with customers. Even with a breach as big as this I would be a lot more forgiving if they hadn't already sent 2 alerts already, both with the conclusion of 'its not a big deal, they haven't accessed user data'. If there was even a risk (in hindsight there probably was) I would have liked to been told about that.

>If you haven’t used a password manager this shouldn’t put you off the idea, though.

Agreed. As I've told a couple friends already, even with this breach where there's a risk that the hackers literally have a physical copy of my encrypted passwords, I'm STILL in a more secure position than if I hadn't used one at all. Its probably extremely difficult to impossible to get the passwords and even if they do, it only takes me an hour or two to fix that by rotating all of the passwords I have, thanks to to having a giant list of what I need to change.