• treadful@lemmy.zip
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Just about every centralized service will be breached at some point. At least they have a cybersecurity team and everybody got notified and can act accordingly. If you choose another just because they haven’t been hacked, it’s just a matter of time. I think they’re still a viable option, just be ready to react to notices like these.

    Personally, I chose the self-hosted route, but that comes at the cost of maybe never knowing if you get breached until its too late.

    • redcalcium@lemmy.institute
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Normally I’d agree with you, but in the case of lastpass, I have to disagree. Ever since they’re bought by LogMeIn, not only they significantly increased the price, they also have security incidents after security incidents, with the worst one in 2022, not to mention a bunch of vulnerabilities that seems so basic it shouldn’t be a problem on other password managers. There were also shenanigans where they seemingly intentionally broke data export to slow down exodus of their users to other password managers.

      They were recently spun off as a separate company from GoTo/LogMeIn, but at this point I have lost faith and would not recommend lastpass at all.