Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

[TaterChip]

This is the only password manager I will use.

https://i.pinimg.com/originals/d2/3a/b7 ... 4e91a1.jpg

do you know, how long it would take an 80 year old senior, to find the correct password, amongst 1,511 entries?

we would give up, and use an open password manager first

that'd the beauty of Keepass.... there is an easy to use search function

[TaterChip]

This is the only password manager I will use.

https://i.pinimg.com/originals/d2/3a/b7 ... 4e91a1.jpg

do you know, how long it would take an 80 year old senior, to find the correct password, amongst 1,511 entries?

we would give up, and use an open password manager first

My parents are in their mid-70s and they also use the paper way of keeping track of their passwords. What they did was purchase an address book and then each password gets sorted alphabetically.... So Amazon goes into the A's. This greatly speeds up their chances of finding what they're looking for.

[Moem]

I have converted over to KeePassXC,
that is a start

It's an excellent step, well done.

[TaterChip]

what makes my password database so bad,
is that I use Yahoo's ability to assign a unique throw-away email address to unknown entities.....

Come on man, do you really think all those emails aren't known to be associated with you and your primary address? Yahoo is selling your usage for $$. The worse thing about Yahoo is you've been using them for almost 30 years...think about it. Oh yeah, they really know you...and appreciate your contribution to their algorithm, cleverly transparent you're not.
How many times has Yahoo's data been completely compromised in 30 years? It's more than once...
Spam blockers like SpamAssassin know...so use them, they're a binary friendly, sending/receiving emails in text disinfects the rest.
I have older clients who still pay monthly to use free AOL. D'oh!

I used to have Yahoo Mail a long time ago. Then one day, they popped up a message on my screen that said they would only allow me to access my email if I turned off my ad blocker. They wanted to show ads in my email account. That was the same day that I moved emails elsewhere and I havent looked back.

[coffee412]

We should all know by now that free email is not the way to go. With free email you are just there to be harvested and sold to advertisers and whoever. Whats worse, When these places (MS included) get broken into / hacked on the server side you only hear about it a month or more down the line. You can argue that they must by law report any break ins. However, If you do not find out then they do not report or come up with some flimsy excuse why it took so long to report. Its terrible. I have one gmail account. I consider it the 'dump'. Where I really do nothing with it. All my other emails are on pay servers where I get real support if things go wrong. Of course any server stands the chance of a break in. But at least I do not have ads popping up in my email and all kinds of 'tom foolery' going on like the free services.

My keepassxc is stored in my home directory and auto logout is setup for 1 hour. I would never in my life consider storing login credentials on any other system but my own. Its just basic logic that its not safe no matter what they spoon feed you about how great their service is. I also do not use the browser plugins. The auto login feature of keepassxc works just fine and I can customize it per website.

[AZgl1800]

I used to have Yahoo Mail a long time ago. Then one day, they popped up a message on my screen that said they would only allow me to access my email if I turned off my ad blocker. They wanted to show ads in my email account. That was the same day that I moved emails elsewhere and I haven't looked back.

I use uBlock Origin with Yahoo email, with nary a complaint.
don't know why you were having problems with it?

I never see adverts on Yahoo.

they keep asking me to "update" to their Plus account, nope, keeping it just like it is,
I am Grandfathered in from being with them since they arrived on the scene.

[argentwolf]

I use uBlock Origin with Yahoo email, with nary a complaint.
don't know why you were having problems with it?
I never see adverts on Yahoo.

The problem with Yahoo and you're right, many others, is not about the frustrating email experience (i.e., seeing spam and ads), but much, much more...they're actively collecting everything about you from your communications (the body of the email, and address book), it's their 'free' business model. The data they collect is why criminal entities attempt to gain access to their data...data points = $$. Every little effort to deny surveillance and collection success is a noble and virtuous cause. I'm pleased you've moved the keys to your castle into your own possession and compute with Linux, it is a valiant start sir!

"Data and Goliath: The Hidden Battle to Collect Your Data and Control Your World (Review)"
https://www.schneier.com/news/archives/ ... eview.html

[t42]

The constant religious-like preaching on surveillance to the masses became tiresome. Preaching to the masses, preaching to the choir, trying to excite allegedly small and wretched unimportant people restlessly robbed by giant corporations. What it has to do with Linux and with this purely technological forum! Please do not convert the choice of appropriate program or service to political fight for freedom.

[xenopeek]

admin note: this topic is about news about the LastPass breach. Let's get back on topic. For other discussions feel free to start a new topic.

[AZgl1800]

take your Pulpit to Facebook where it can be appreciated,
you just earned a BLOCK for your posts,
I am sick and tired of your constant haranguing.

[TaterChip]

I used to have Yahoo Mail a long time ago. Then one day, they popped up a message on my screen that said they would only allow me to access my email if I turned off my ad blocker. They wanted to show ads in my email account. That was the same day that I moved emails elsewhere and I haven't looked back.

I use uBlock Origin with Yahoo email, with nary a complaint.
don't know why you were having problems with it?

I never see adverts on Yahoo.

they keep asking me to "update" to their Plus account, nope, keeping it just like it is,
I am Grandfathered in from being with them since they arrived on the scene.



yahoo plus nope.jpg

this was probably close to two decades ago. I'm sure they have changed things since then.

[argentwolf]

"Fool me once, shame on you; fool me twice, shame on me"
Can or would you ever again trust Lastpass with the keys to your castle?
First time compromised (Nov. 2022) is on Lastpass, I moved to Keypassxc in Dec. 2022, their will never be a second time compromise I experience, for Lastpass is forever untrustworthy dead to me...
We shouldn't give insecurity a second chance. #TNO

[coffee412]

"Fool me once, shame on you; fool me twice, shame on me"
Can or would you ever again trust Lastpass with the keys to your castle?
First time compromised (Nov. 2022) is on Lastpass, I moved to Keypassxc in Dec. 2022, their will never be a second time compromise I experience, for Lastpass is forever untrustworthy dead to me...
We shouldn't give insecurity a second chance. #TNO

Why on earth would you store your most sensitive of sensitive stuff out on someone elses computer which they like to call the 'cloud' ???? It makes absolutely no sense to me.

[mediclaser]

"Fool me once, shame on you; fool me twice, shame on me"
Can or would you ever again trust Lastpass with the keys to your castle?
First time compromised (Nov. 2022) is on Lastpass, I moved to Keypassxc in Dec. 2022, their will never be a second time compromise I experience, for Lastpass is forever untrustworthy dead to me...
We shouldn't give insecurity a second chance. #TNO

Why on earth would you store your most sensitive of sensitive stuff out on someone elses computer which they like to call the 'cloud' ???? It makes absolutely no sense to me.

I agree. There is no safer place to save your passwords than your own brain.

[argentwolf]

I agree. There is no safer place to save your passwords than your own brain.

Too clever-by-half! Unless one's only using a handful of user-id's and passwords for all their online logins (definitely not advisable), have a serious un-patterned naming scheme, and/or you're a savant, our intellect hasn't the capacity to manage the password store.

[mediclaser]

I agree. There is no safer place to save your passwords than your own brain.

Too clever-by-half! Unless one's only using a handful of user-id's and passwords for all their online logins (definitely not advisable), have a serious un-patterned naming scheme, and/or you're a savant, our intellect hasn't the capacity to manage the password store.

I've got countless logins, and they all have different passwords.

[argentwolf]

I've got countless logins, and they all have different passwords.

Countless? I guess you're the exception to the rule.

[mediclaser]

I've got countless logins, and they all have different passwords.

Countless? I guess you're the exception to the rule.

It helps when you have a wide range of subjects you're interested in (hobbies, sports, music, arts, culture, engineering, automotive, aerospace, biology, history, materials & chemistry, cooking, games, gadgets, religion, politics, ...).

[coffee412]

I agree. There is no safer place to save your passwords than your own brain.

Not sure on that one ah, whats your name again??? lol....

KeepassXC for the win!

[mediclaser]

I agree. There is no safer place to save your passwords than your own brain.

Not sure on that one ah, whats your name again??? lol....

Touché!