Post ARB061KjhzzfQCUlay by hexadecim8@infosec.exchange
 (DIR) More posts by hexadecim8@infosec.exchange
 (DIR) Post #ARB05zt35SFgw2X8ng by hexadecim8@infosec.exchange
       2022-12-31T18:55:15Z
       
       0 likes, 0 repeats
       
       Security professionals have been advising users to use password managers for years knowing a breach like the LastPass breach would happen eventually. Furthermore, we were right to do so. The risk of someone cracking a copied password vault and getting an entire list of complex passwords is still better than reusing the same single password for every account even if that one password is complex.
       
 (DIR) Post #ARB061KjhzzfQCUlay by hexadecim8@infosec.exchange
       2022-12-31T19:12:11Z
       
       0 likes, 0 repeats
       
       This isn’t an excuse for bad practices at LastPass though. They deserve shame for rolling their own crypto at minimum considering this is the #1 rule for anyone managing encryption. They should explain why this decision was made.