#Bitwarden is awesome. It's FOSS, has all the features you could want, and it's free. I still pay for it just to support the development though. I have gotten my family to switch over too, after all the LastPass security breaches.

I switched from #LastPass a few years ago right after they were bought by #Logmein. They had not had all the security blunders yet, but LogMeIn still had a history of being an awful company. I wanted nothing to do with them.

https://www.pcworld.com/article/1655588/i-switched-from-lastpass-to-bitwarden-and-im-not-going-back.html

#GoTo (formerly #LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups containing customer information and an encryption key for a portion of that data. This is relating to the Central and Pro product tiers stored in a third-party cloud storage facility: https://www.bleepingcomputer.com/news/security/goto-says-hackers-stole-customers-backups-and-encryption-key | #databreach #infosec

#lastpass #databreach was just the tip of the iceberg. The parent company #GoTo, formerly #LogMeIn suffered a #databreach too. According to the news, #customer #backups and #encryption keys were stolen by an unidentified actor from the #cloud #storage. I wonder how many businesses were affected, how many are aware and will manage this kind of incident. (And why the encryption keys were in the cloud too).

Via @RightsChain

https://rightschain.net/en/newsroom/news/2023-01-25-lastpass-parent-company-data-breach-compromises-customer-s-backups-the-hacker-news.php

So we were already switching away even before that 🤷‍♂️

#lastpass #logmein #security #LastPassHack #LastPassBreach

https://www.theverge.com/2023/1/24/23569109/goto-hack-lastpass-breach-encrypted-backups-key

GoTo says hackers stole customers' backups and encryption key

https://www.bleepingcomputer.com/news/security/goto-says-hackers-stole-customers-backups-and-encryption-key/
#GoTo #CyberSecurity #CyberCrime #DataPrivacy #DataBreach #Security #LogMeIn

The #LastPass #databreach just gets worse and worse.

"Our investigation to date has determined that a threat actor exfiltrated encrypted backups from a third-party cloud storage service related to the following products: Central, Pro, join.me, Hamachi, and RemotelyAnywhere. We also have evidence that a threat actor exfiltrated an encryption key for a portion of the encrypted backups."

@CarlyPage@mstdn.social of
@TechCrunch has the latest update:
https://techcrunch.com/2023/01/24/goto-customer-backups-stolen-lastpass/

#LogMeIn #GoTo

Are You On LastPass? Time To Look At Alternatives
LastPass was the first password manager I was aware of. The premise was simple: Using a LastPass account, you could store your website credentials in a "vault" on
https://medi-nerd.com/2023/01/08/are-you-on-lastpass-time-to-look-at-alternatives/
#Technology #1Password #AreYouOnLastPass?TimeToLookAtAlternatives #BitWarden #Dashlane #DonPezet #ITProTV #LastPass #LogMeIn #PasswordManager #SecurityNow #SteveGibson #Technado #Technology #TWiT

So, I got on board with #Lastpass years ago, pre their acquisition by #LogMeIn, and many respected and knowledgeable security experts were praising their processes, methods, disclosure. I know that the LogMeIn acquisition was seen as the beginning of the end for Lastpass, with staff cuts, code environment changes, and other poor practices known to LogMeIn.

It's that I'm hearing people attacking the same features that were previously praised, and I'm sensing some cognitive dissonance around "are we critically reviewing the tech, or dog piling a target?" probably some of both, and it is probably time to move off Lastpass, but there's an undercurrent of hypocrisy that's gnawing at me...

https://www.theverge.com/2022/12/28/23529547/lastpass-vault-breach-disclosure-encryption-cybersecurity-rebuttal

@zarchasmpgmr @epixoip @sc00bz Ahh, now I remember why *I* dropped them.

Everyone was grateful when #LastPass saved #XMarks from insolvency, but they were a poor fit and barely did anything other that fix the occasional bug. Then LastPass was acquired by #LogMeIn (#GoTo considered harmful) as an even worse fit, LastPass’s breach troubles accelerated, and two years later they gave all of a month’s notice before shutting down XMarks.

I stopped using #LastPass not long after #LogMeIn bought it — their track record was not good and I didn't feel my data would be safe — #security problems do and will always happen, but LastPass now admits attackers have a copy of customers’ password vaults (this was from the August 2022 incident)...

Read more: https://thehackernews.com/2022/12/lastpass-admits-to-severe-data-breach.html and LastPass blog https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

#privacy #passwords #passwordmanager #backup #userdata

oh and I moved to #bitwarden after #lastpass price skyrocketed after being bought by #logmein
It really is a great service and I am glad to pay money for it.
https://bitwarden.com

oh and I moved to #bitwarden after #lastpass price skyrocketed after being bought by #logmein
It really is a great service and I am glad to pay money for it.
https://bitwarden.com

I'm happy to have fled nasty #LogMeIn #LastPass, now I use #Bitwarden as a #passwordmanager.

https://infosec.exchange/@alexlomas/109559216736380908

@bryanmsmith #LastPass is so last season
I drop them when they were bought by #LogMeIn
Been using @bitwarden for years no complaints

Lord help us from software vendors who put out a security advisory without any actionable content. Today it's #GoTo (of #LastPass and #LogMeIn fame) who have said "Something has happened and we're looking into it" but absolutely no information as to which product, what kind of issue, or -- most importantly -- if I need or even *can* do anything about it. Given that one of their products is a password wallet while the other grants remote access to private systems this would be good to know.

Episode 190: 20 Years, 300 CVEs. Also: COVID’s Lasting Security Lessons - In this episode of the podcast (#190), sponsored by LastPass, Larry Cashdollar of Akamai joins us to... https://feeds.feedblitz.com/~/636683234/0/thesecurityledger~Episode-Years-CVEs-Also-COVIDs-Lasting-Security-Lessons/ #nationalcybersecurityawarenessmonth #criticalvulnerabilities #vulnerabilities #cybersecurity #companies #lastpass #podcasts #logmein #threats #covid19 #podcast #akamai #covid #event

With Remote Work: MFA Makes Everyone Happy - The sudden shift to remote work poses two challenges to organizations: fending off cyber attacks a... more: https://feeds.feedblitz.com/~/622725950/0/thesecurityledger~With-Remote-Work-MFA-Makes-Everyone-Happy/ #identityandaccessmanagement #multi-factorauthentication #two-factorauthentication #authentication #technologies #remoteoffice #topstories #companies #lastpass #sponsors #logmein #opinion #reports #covid19

Spotlight Podcast: The Demise of the Password may be closer than you think! - In this Spotlight* podcast, Yaser Masoudnia of LogMeIn and LastPass talks about the continued persis... more: https://feeds.feedblitz.com/~/619112596/0/thesecurityledger~Spotlight-Podcast-The-Demise-of-the-Password-may-be-closer-than-you-think/ #topstories #interview #podcasts #lastpass #password #logmein #podcast

Opinion: AI and Machine Learning will power both Cyber Offense and Defense in 2020 - Artificial intelligence and machine learning hold great promise for both defenders and attackers, ... more: https://feeds.feedblitz.com/~/617703132/0/thesecurityledger~Opinion-AI-and-Machine-Learning-will-power-both-Cyber-Offense-and-Defense-in/ #artificialintelligence #newyearpredictions #machinelearning #cybersecurity #technologies #cyberattacks #companies #lastpass #cyberwar #logmein #opinion #reports

Investoren schnappen sich #Lastpass-Betreiber #Logmein für 4,3 Milliarden.
Also ich hätte mehr als Bauchschmerzen, wenn meine Passwörter als Ware gehandelt würden.

https://t3n.de/news/investoren-schnappen-logmein-fuer-1235158/