We were piloting #LastPass for the past year. We only had about 30 users on it. Our goal was to pilot it for 150 users but other priorities caused us to miss that goal. I’m glad we missed that goal lol.

After the LastPass news late last year we decided to move on. It was a bit difficult to cancel. I got the runaround for about a month. Finally LastPass processed the cancellation.

We have been demo’ing #1Password for about a week. So far I like the product and there are some functions I like better in 1Password.

We reached out to #BitWarden but they haven’t been responsive. We will see a demo of #Dashlane soon.

Any others worth looking at? My goal is to have our ~365 users using a password manager. I’m looking for ease of use for a general user. Solution must work within a VDI environment. 1Password says it will work in VDI but that it isn’t supported.

#PasswordManager #PasswordVaults #InfoSec #CyberSec

I have been a paying customer of #LastPass for years. I started looking at #1password after the news of LastPass’s breach but then decided to stay put due to inertia. Today’s news is too much. My migration to 1password begins tomorrow in earnest. #cybersecurity #passwordvaults https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/

The blast radius of a stolen secret is knowable in advance of the stealing.

You don't necessarily abandon a custodian because they got hacked.

You leave them because they architected a service that depends on high-blast-radius secrets, and got burnt.

https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/

#PasswordVaults #DataBreach