Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents.
  • spaghettiwestern
    4·
    11 months ago

    In 2015 when Lastpass was purchased by Logmein was what convinced me to move to Keepass and ultimately KeepassXC. Syncthing on Linux, Android and Windows, a complex password and separate key file provide multiple layers of security. It works reliably and provides easy access to login information on any device.

    • sugar_in_your_tea
      4·
      11 months ago

      I’ll have to look at it again, but the last time I did, the inconvenience of it not being integrated with my browser kept me away. Bitwarden has been audited, is open source, and can be self hosted.

      • spaghettiwestern
        3·
        11 months ago

        KeepassXC has a browser addon that works well for most sites, but I don’t think you can go wrong with Bitwarden either.

        • sugar_in_your_tea
          1·
          11 months ago

          I’ll have to look into it again.

          Is there anything for Android autofill in apps? It’s not a deal breaker, just nice to have.

          • decisivelyhoodnoises
            3·
            11 months ago

            Keepassxc has a keyboard which you can change to and it fills fields without typing (you need to type your master password though)

            • sugar_in_your_tea
              1·
              11 months ago

              Does it stay unlocked for a while (say, an hour or so)? If so, that’s absolutely an option. I use a very long password, so having to do it every time would be extremely tedious.

          • spaghettiwestern
            2·
            11 months ago

            There is, but I can’t tell you anything except that it exists. I use passwords so infrequently on Android that I’ve never bothered with it.