Author

Topic: If you use online password managers like Lastpass, export your vault (Read 94 times)

hero member
Activity: 2520
Merit: 952
...encrypt it and put it somewhere safe. Just so, if it goes offline your data remains safe.
In the case of LastPass's recent data breach, it is not enough to just migrate your vault to an offline place or some other password manager. All your passwords and other sensitive information became accessible, albeit in encrypted form, to whoever conducted that hacker attack, which means in the long run, if the master passphrase you have set up was too weak, you can safely assume that all your passwords have already been compromised. So, it is usually pointless to re-use an old vault since all the passwords it contains have potentially been compromised. I suggest the following solution: login to websites on which you have accounts using LastPass, change your passwords one by one, inserting them in a more reliable password with a randomly generated master password. It will take some time, but it is more secure than simply using your old passwords in a new manager.

I meant it for original user -  so there remains a way to access your data in case company itself goes off. What security if you can't access your own data in first place?
legendary
Activity: 1974
Merit: 1108
Free Free Palestine
...encrypt it and put it somewhere safe. Just so, if it goes offline your data remains safe.

Should use bitwarden or keepass as mk4 mentioned instead of lastpass, lastpass can be said to be the worst password manager app with many attacks in the past. I am also using bitwarden, but just to create and save regular passwords, passwords related to bank accounts should not be saved here, especially never save private keys here. Although these apps haven't been hacked like lastpass, there's no guarantee they won't be hacked in the future.
legendary
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
...encrypt it and put it somewhere safe. Just so, if it goes offline your data remains safe.
In the case of LastPass's recent data breach, it is not enough to just migrate your vault to an offline place or some other password manager. All your passwords and other sensitive information became accessible, albeit in encrypted form, to whoever conducted that hacker attack, which means in the long run, if the master passphrase you have set up was too weak, you can safely assume that all your passwords have already been compromised. So, it is usually pointless to re-use an old vault since all the passwords it contains have potentially been compromised. I suggest the following solution: login to websites on which you have accounts using LastPass, change your passwords one by one, inserting them in a more reliable password with a randomly generated master password. It will take some time, but it is more secure than simply using your old passwords in a new manager.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
Just to add more info: good alternatives to the likes of LastPass would be either Bitwarden or KeePass; with both being open-source and free.

https://bitwarden.com/
https://keepass.info/
There is KeepassDroid for Android devices too.

Quote
Still, don't store your wallet's backups on such software unless you 100% know what you're doing; which like 95% of people don't.
I would like to store all backups offline that is better than online and on digital devices which can be hacked if they are connected to Internet or can be broken by technical issues.

[GUIDE] How to Create a Strong/Secure Password
Are your passwords in the green?. Read this educational article about password security and check your password later, then change it if it is weak in your opinion.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Just to add more info: good alternatives to the likes of LastPass would be either Bitwarden or KeePass; with both being open-source and free.

https://bitwarden.com/
https://keepass.info/

Still, don't store your wallet's backups on such software unless you 100% know what you're doing; which like 95% of people don't.
hero member
Activity: 2520
Merit: 952
...encrypt it and put it somewhere safe. Just so, if it goes offline your data remains safe.
Jump to: