Post
🚨 New research from ETH Zurich has found that popular password manager's zero-knowledge encryption claims don't fully hold up if their servers are compromised. ⚠️
🔑 LastPass, Dashlane & Bitwarden were identified as being affected, this is significant because cloud password managers commonly claim that their user's data would be unaffected if they were compromised. 👾
@privacyguides same old story and yet ppl still not convinced to local only password managers like keepassxc...
✅ Dashlane & Bitwarden promptly issued fixes.
❌ LastPass did not issue a fix and stated: "our own assessment of these risks may not fully align with the severity ratings assigned by the ETH Zürich team."
💡In 2022, LastPass experienced a breach that impacted 1.6 million users due to inadequately strong technical and security measures within their infrastructure.
The best time to switch from LastPass was yesterday; the second best is today. 🗑️
Here's what we recommend ⬇️
@privacyguides
Lastpass is an absolutely AWFUL company.
After LogMeIn got their hands on them the prices skyrocketed from $12 to $24 to $36 to $48 a year for their premium plan.
I switched to Bitwarden, who have kept their premium plan at just $10 a year, for many years now.
With ownership of Lastpass now in the hands of not one, but two investment companies, one really has to question where Lastpass's priorities lie.
@privacyguides
Do you have another source for Bitwarden havin fixed the issues? If i am not mistaking, i can't see where they say something explicit about Bitwarden fixing these issues in the linked article.
@privacyguides A better name for LastPass is LostPass
☁️ Secure cloud password managers
➡️ For more info visit our site: https://www.privacyguides.org/en/passwords/#cloud-based
📍 Secure local password managers
➡️ For more info visit our site: https://www.privacyguides.org/en/passwords/#local-storage
@privacyguides what do you recommend for self-hosting a password manager?
KeePassXC would be our recommendation for an offline password manager. You can see all our recommendations here: https://www.privacyguides.org/en/passwords/#local-storage
