I am once again asking you to stop using LastPass. The company has a history of security issues dating back years, and has yet to make holistic security improvements — or heck even investigate incidents properly.

Good alternatives:

- 1Password is my #1 rec, best for most use cases
- Bitwarden if you want open source
- KeePassXC if you want local vaults and open source
- I hear ok things about Dashlane but don’t know a ton

blog.lastpass.com/2022/12/noti

@jacob There's a reason to pick BitWarden over 1Password other than the open-source-ness: BitWarden has a "dead man's switch" option to let your family access your passwords in the event of your death. When I switched, people had been asking 1Password for that for years, with no luck.

@mathew @jacob That's very interesting. Out of curiosity, if you use the Emergency Access feature, could law enforcement legally subpeona BitWarden to give them access to your vault?

@mcc @mathew I think if your threat model involves law enforcement you should consult a lawyer not some yutz on Mastodon :)

Follow

@jacob @mcc @mathew (kind of disagree here, you can reason this one easily). If it’s technically possible - and law enforcement of ANY and ALL regions are involved (at any time now or in the future, and don’t forget secret services): assume yes, they could access.
It’s an optional feature per account, if you don’t want that happening, keep it non-dead-man-switched, or have separate accounts.

Sign in to participate in the conversation
Mastodon BASIC experimental (Futex BBS)

Futex BBS