Friday, December 30, 2022

LastPass Breach

Wired: "Yes, It's Time to Ditch LastPass"

WIRED recommends 1Password and the free service Bitwarden, along with some alternatives. We haven't recommended LastPass since the company scaled back its free offerings a couple of years ago, given that LastPass had suffered an array of past security incidents before this latest, most dire breach was even revealed.

“One hundred percent, yes, people should switch to other password managers,” says one senior security engineer, who asked not to be named because of professional relationships with people on the LastPass security team. “They failed to do the one thing they are supposed to provide—cloud-based secure credential storage.”