Another LastPass vulnerability

Because I have so very many usernames and passwords, I must use some sort of password database manager.
For sometime now I have been using KeePass – an open source password manager.
Though it using it ‘can’ be slightly more onerous than a completely ‘online’ password manager like LastPass, 1Password, Dashlane or the like, it provides for WAY more security by enabling you to ‘own’ the database AND a seed file. And being an IT security guy here is no way I’d put my passwords in the cloud.

KeePass is technically an offline password manager, but its database can be synced between computers with a service like Dropbox, Google Drive or the like. Of course, at that point, you’re putting your passwords back in the cloud. BUT if you have created a KeyFile and don’t place that in the cloud and use something that is not obvious. You eliminate the ability for someone to just steal your password database and start brute forcing it.

Okay so now some more bad news. LastPass, probably the most widely used online password keeper, is once again in the news for some VERY serious security flaws.

You might want to rethink your password manager solutions or go back to pen and paper.

Leave a Reply

*