Lastpass hacked

[Decay]

Why would you need to use something like Lastpass when the browser asks you every time if you want to save the password? Or is that incredibly unsafe or something I'm too lazy to care about?

[sanahtlig]

Sasuga Decay, our opinions match even on matters completely unrelated to VNs.

 

I used my previous password scheme for 1-2 years fearing that I might become overly reliant on a password solution I might end up discarding.  Then Mangagamer got hacked by some deluded hacktivist out to protect the children, and I decided that it was time to use randomly generated unique passwords on most sites I frequent.  I like the multi-factor authentication / trusted device option because it's a nice mix of security and convenience.  In general we use a limited number of devices, so trusted devices keep out the bad guys while minimizing interruptions of daily routines.

[Meat_Bun1]

My problem isn't remembering the passwords (which is easy, they're a combination of phone numbers relevant words and there's even a question and answer there somewhere) it's remembering which passwords corresponds to what.

It's good to know that somebody else also has this problem

 

Although multi-factor authentication can be inconvenient (log into account on computer, unlock phone for authenticator), I feel much safer knowing that remote attacks will have much more difficulty succeeding.

[sanahtlig]

There are many online tips for how to best protect your computer against malware, but people tend to prioritize certain tools differently. Google wanted to know what both non-experts and experts thought about the top 5 security practices, so the company interviewed 231 "security experts" as well as 294 non-expert Web users about it.

 

Both groups agree that proper password management is necessary, but they disagree on the approaches. Non-experts suggested you should use "strong passwords" as well as "change passwords frequently" to stay ahead of malicious hackers. The security experts thought it's much better to let a password manager handle passwords for you.

 

One expert said: "Password managers change the whole calculus because they make it possible to have both strong and unique passwords."

 

The experts used password managers three times more frequently than non-experts. Only 24 percent of the non-experts used password managers for at least some of their accounts, compared to 73 percent of the experts.

 

Google's findings suggested that the reason most non-users don't take advantage of password managers is either because they don't know too much about them or they don't trust them to not be hacked. One non-expert said, "I try to remember my passwords because no one can hack my mind."

[Abyssal Monkey]

 

Security Experts: Updating Software Best Way To Stay Safe Online (Tom's Hardware)

 

I think that the take-home message here is that a lot of people think they know something about online security, but even when they're right they fail to correctly prioritize what's important--which is particularly harmful when they're advising others about what's important.

 

What's the most recommended password manager?

 

http://www.techradar.com/us/news/internet/web/best-password-managers-2015-our-top-choices-1284229

http://lifehacker.com/lifehacker-faceoff-the-best-password-managers-compare-1682443320

http://www.pcmag.com/article2/0,2817,2475964,00.asp

http://www.infoworld.com/article/2936524/password-security/review-the-best-password-managers-for-pcs-macs-and-mobile-devices.html

 

tldr; Get Lastpass.

 

The general consensus is that if you have multi-factor authentication enabled on your Lastpass account, you have very little to fear from hackers targeting your Lastpass account remotely (the typical concern of non-expert critics).  The combination of security and convenience is unmatched--and for PC users it's free!

 

The bait.  It's really strong, but I'm going to resist.