The August LastPass breach is worse than we thought. I've seen enough. If you use this service, time to dump them.
#cososec
https://twitter.com/SwiftOnSecurity/status/1606071798667173888
Update from a former LasrPass engineer. It gets even worse.
https://twitter.com/ejcx_/status/1606428769731878913
@voltronic ...if you can. Last I checked the Cancel Subscription button was removed from the account management interface.
@kel
Are you f'ing kidding me? Shameful.
@voltronic Any other viable options?
As if I didn't have enough things on my to-do list already. 🤬
But I really appreciate you sharing the info.
@voltronic Yup. Time to dump them. Moved to 1Password 2 weeks ago. Today, changed banking passwords, didn't put new ones into LastPass. Changed master password and MFA.
@voltronic I dumped LastPass a couple of years ago.
Here are good alternatives. I use Bitwarden, as do many others here.
https://www.privacytools.io/secure-password-manager
At minimum, I would strongly urge all LastPass users to change their master password to something stronger than it currently is, AND change passwords for all accounts in your vault. Then, enable 2FA for all accounts that support it if you haven't done so already. (This is best practice, regardless.)