Altcoins Talks - Cryptocurrency Forum
Learning & News => News related to Crypto => Topic started by: _act_ on March 07, 2025, 08:50:25 PM
-
It is no more new but more losses are always linked to LassPass which was an online password manager. Before the stolen of more information that the hackers are using to steal from people, we warned people but they did not listen. LassPass issue has started since 2021 or 2022 until hackers were able to have full access to people's information and using it to steal from them.
Millions of dollars stolen has been linked to LassPass hack but another one has been linked to it by crypto investigator ZachXBT again now.
The January 2024 theft of 283 million XRP from Ripple co-founder Chris Larsen’s personal accounts has been linked to a password manager breach, according to a forfeiture complaint filed by US law enforcement revealed by crypto investigator ZachXBT.
The investigator shared (https://t.me/investigations/232) a screenshot of the forfeiture complaint in his Telegram channel on March 7, claiming the theft “was the result of storing private keys in LastPass (password manager which was hacked in 2022). Up to this point, Chris Larsen had not publicly disclosed the cause of the theft.”
(https://www.talkimg.com/images/2025/03/07/0Qbgg.jpeg)
I do not know how someone will be able to sleep comfortably overnight and have a private key that have access to millions of dolar worth of coin on an online manager.
-
I've been considering lastpass before to use as my password manager but i didn't do it, idk, it's just that i don't feel like using password manager even today. But saving your private keys to something like password manager is big no-no. It's worse than saving password to Google drive. Password managers are one of to-do list of hackers to get access to when all passwords located in a single place It's not only for thousands of users but maybe hundred of thousands of users accounts connected to it, possible emails are saved there too so it will be easy for hackers to access those accounts, unfortunately.
-
It's worse than saving password to Google drive.
I do not know which one is the worst but I see them all as the same unless it is offline. Only offline savings of information like that I can consider safe and secure.
-
It is no more new but more losses are always linked to LassPass which was an online password manager. Before the stolen of more information that the hackers are using to steal from people, we warned people but they did not listen. LassPass issue has started since 2021 or 2022 until hackers were able to have full access to people's information and using it to steal from them.
Millions of dollars stolen has been linked to LassPass hack but another one has been linked to it by crypto investigator ZachXBT again now.
The January 2024 theft of 283 million XRP from Ripple co-founder Chris Larsen’s personal accounts has been linked to a password manager breach, according to a forfeiture complaint filed by US law enforcement revealed by crypto investigator ZachXBT.
The investigator shared (https://t.me/investigations/232) a screenshot of the forfeiture complaint in his Telegram channel on March 7, claiming the theft “was the result of storing private keys in LastPass (password manager which was hacked in 2022). Up to this point, Chris Larsen had not publicly disclosed the cause of the theft.”
How did he let it happen?
It is not that hard to store your seeds offline, specially when we are talking about millions of dollars...
I am impressed by how those big whales in crypto can be so naive and make so big mistakes..
-
I do not know how someone will be able to sleep comfortably overnight and have a private key that have access to millions of dolar worth of coin on an online manager.
The thing is that these people trust too much, and then they end up being bitten by it. Some of these companies have and show a high level of organization that people could easily get lured into trusting them. Experience will tell you that it is a wrong choice to trust so much, but because some of these people lack experience, they never know or do not take it seriously when they are told about the danger.
-
Passwords should be stored in recommended password managers, but seed phrase or private keys should never be stored in any password manager. It is not so hard to back up your seed phrase offline, buy a stainless steel and engrave your seed words on it yourself, that is very safe.
-
I've been considering lastpass before to use as my password manager but i didn't do it, idk, it's just that i don't feel like using password manager even today.
Don't. According to grok, Lastpass had a data breach in 2015, another in august 2022, and a third one in november of that same year. Yes, that's not exclusive to them, but still... not sure why anyone would still use them.
I've used Bitwarden for quite some time with a very strong password and 2FA, that's probably safer while not 100% bullet proof as a airgapped fully offline solution. Still, convenience has a price and I'm ok with that. ;D
Also, you can self host your bitwarden vault for maximum control. But yeah, only keep password there, not private-keys worth $150 million usd.
-
I do not know how someone will be able to sleep comfortably overnight and have a private key that have access to millions of dollar worth of coin on an online manager.
This is showing us that some form of stupidity is present in all of us...and it does not matter if you are very much involved with cryptocurrency and you have years of experience in the industry. Well, am guilty on this point from time to time...but if I have millions worth of digital assets I would think hard whether to trust an online password manager like LatPass. Years ago I was using LastPass but I stopped it since I am aware of the possible risks involved even if I was not yet into the industry at that time. Security is always of paramount concern whether you got millions at stake or just hundreds...as it would be difficult to make money these days.
-
I've been considering lastpass before to use as my password manager but i didn't do it, idk, it's just that i don't feel like using password manager even today. But saving your private keys to something like password manager is big no-no. It's worse than saving password to Google drive. Password managers are one of to-do list of hackers to get access to when all passwords located in a single place It's not only for thousands of users but maybe hundred of thousands of users accounts connected to it, possible emails are saved there too so it will be easy for hackers to access those accounts, unfortunately.
it can be quite risky because even without hackers, the platform may experience some difficulties on their own and might leak the passwords stored in them so we never really know just how much secure they are even if they have been very efficient in storing passwords you never know what can happen in one day just like what happened with bybit wherein they were reliable until they were vulnerable enough
-
I am impressed by how those big whales in crypto can be so naive and make so big mistakes..
Its been said thousands of times before that we are our own bank when it comes to investing in cryptocurrency, and part of securing is knowing where to place our seeds and what tools to use to secure our coins.
Password manager is never a place to store your private keys. If you do not understand how hackers work and their primary targets are password managers, then you are going to be in trouble.
-
I do not know how someone will be able to sleep comfortably overnight and have a private key that have access to millions of dolar worth of coin on an online manager.
Your curiosity is real because what is the meaning of using a non custodial wallet if we have to lock it using an online password manager that can have loopholes in it and hackers could access the wallet once they hack the password manager, some managers are so hard to break in that with few wrong attempts it would delete all the data within.
These hackers are smart they know who they should target for their hacking because how one can know for sure if a person is using an online manager to store their passwords while they should be either memorizing it or writing it down somewhere more save.
-
because how one can know for sure if a person is using an online manager to store their passwords while they should be either memorizing it or writing it down somewhere more save.
We are not talking about passwords here, but seed phrase or private keys, there is nothing wrong in storing passwords in a password manager, what is wrong is storing sensitive data in it. The best way to back up a seed phrase is offline, engraving it in a stainless steel or writing it down on paper.
-
I have never believed in password managers on my computer or mobile, so I never store my passwords using a password manager.
Sometimes I store some passwords for some unimportant websites on my Chrome password manager and it has already been hacked, fortunately the passwords stored there are unimportant.
I wonder how someone can store passwords for their accounts worth millions of dollars on a password manager or cloud or something like that, this is very dangerous.
-
I wonder how someone can store passwords for their accounts worth millions of dollars on a password manager or cloud or something like that, this is very dangerous.
The person in this case didn't just store passwords in a password manager, they stored their private keys in a password manager, which is crazy when you think about it. The password manager was hacked and the funds was stolen, people need to understand that anything online is prone to hacking, it may not have happened yet, but that does not mean it is safe.
-
This sounds new to me, that people take the risk of saving wallet seed phrase with an online platform???
As I started reading the contents of your post beginning from the topic, I was wondering if it is now something bad to store passwords and codes with an online manager. Because I am a big fan of storing passwords with google. But reading down, I comprehended the motive of your post. And right now I'm still wondering how could users possibly trust a platform to the level of saving his/her wallet seed phrase with them. There's a statement some crypto enthusiasts around me always say and it goes "Never Disclose your Wallet Seed phrase to Anybody"
Saving wallet seed phrase with an online platform, I see it a form of laziness.
No matter how a wallet seems useless to me, I always write down my seed phrase and keep it somewhere very safe and secured how much more a wallet that contains something tangible.
-
I wonder how someone can store passwords for their accounts worth millions of dollars on a password manager or cloud or something like that, this is very dangerous.
The person in this case didn't just store passwords in a password manager, they stored their private keys in a password manager, which is crazy when you think about it. The password manager was hacked and the funds was stolen, people need to understand that anything online is prone to hacking, it may not have happened yet, but that does not mean it is safe.
This is even more crazy, storing private keys on the cloud or password manager is irresponsible and absolutely crazy.
I honestly don't understand how these people after all this huge amount of news we hear about hacking platforms and third party services on the internet I wonder how they are still using these services.
-
Passwords should be stored in recommended password managers, but seed phrase or private keys should never be stored in any password manager. It is not so hard to back up your seed phrase offline, buy a stainless steel and engrave your seed words on it yourself, that is very safe.
There are some wallets I guess which allow us to set passwords especially using these password managers and when someone try wrong passwords for multiple times they even erase the data or lock it for a specific period of time, that's why people use these password managers.
You might have heard of a news where a person locked his wallet using some password manager and now forgot the password to unlock it, he also hires hackers to break the security protocols of it to unlock but failed to do so, point is sometimes these are good but here in this case it's not.
-
I honestly don't understand how these people after all this huge amount of news we hear about hacking platforms and third party services on the internet I wonder how they are still using these services.
So many people do not learn, they just buy BTC but they do not want to learn how to keep it safe. It is the same way people store their funds in centralized exchanges, despite all the events of collapsed and bankrupt exchanges, or when people store their main stash in a hot wallet.
-
Such an idiot, him.
He thought that keeping his seed phrases electronically stored was a great idea?
If that's the case, then I'm not surprised how his account was drained. His email addresses are well-known, so that means he was always going to be a high-value target for anyone trying to make a ton of money.
It's not a good thing that this happened, but you can take a stand against this by not using Lastpass. I already canceled my subscription for it a while ago.
-
This is insane. Someone as rich as him could afford better and more expensive security option (such as hardware wallet).
Such an idiot, him.
He thought that keeping his seed phrases electronically stored was a great idea?
If that's the case, then I'm not surprised how his account was drained. His email addresses are well-known, so that means he was always going to be a high-value target for anyone trying to make a ton of money.
It's not a good thing that this happened, but you can take a stand against this by not using Lastpass. I already canceled my subscription for it a while ago.
It doesn't stop there. It also means he either never research about LastPass or intentionally ignore past LastPass security incident that happen almost every year.
-
I don't know maybe it's because of lack with the required information about how to avoid using the centralized platforms in making storage for our sensitive information or maybe the people are just willing to tempt taking the risk for nothing, because these people have every access that can use to get all of our online information on their platform, then why should we be careless in rendering them the full access to what belongs to us from the first place, the earlier we realized these the better for us.
-
It doesn't stop there. It also means he either never research about LastPass or intentionally ignore past LastPass security incident that happen almost every year.
People are lazy, they don't do research and they do not also follow events that happen in the industry, and many times they regret it in the end when it comes back to bite them. It does not cost much to get a hardware wallet, or to buy a stainless steel and engrave your seed words, but many people want to do things the 'convenient' way.
-
This is why I don't use them, very risky at all. So, I will go with the old traditional way of writing my passwords and seeds on a notebook instead of an online manager. Or if I'll keep some information on my PC, I'll make sure that it won't be broadcasted in the web or I won't be publishing it online. That's very risky to think of when most important details of ours, logins, passwords, etc. To be published online.
-
Passwords should be stored in recommended password managers, but seed phrase or private keys should never be stored in any password manager. It is not so hard to back up your seed phrase offline, buy a stainless steel and engrave your seed words on it yourself, that is very safe.
Besides all this options that has been used to store passwords, seed phrases and private keys, I think the best option, in my opinion is a written down password, seed phrases and private keys. This should be written on a sheet of paper and store in a safe places.
Storage managers is has it own risk especially if it is linked to the Internet, instead of storing your crypto assets where you can easily forget or misplaced your password, private keys, it best to have it written down on paper or a notebook and store in safe places in your home.
-
We are not talking about passwords here, but seed phrase or private keys, there is nothing wrong in storing passwords in a password manager, what is wrong is storing sensitive data in it. The best way to back up a seed phrase is offline, engraving it in a stainless steel or writing it down on paper.
Speaking of private keys alone, you are right they should never be stored online and storing them in some online password manager is a big mistake, like it was done on purpose. They should engrave it on some material even if written on paper and then kept on different places by writing different pairs on different papers and then placing them on different places so that accessing to one could not do any harm.
I don't prefer these online managers for anything, even I have a small portfolio but these people are risking others funds so therefore they should not bet trusted again.
-
Besides all this options that has been used to store passwords, seed phrases and private keys, I think the best option, in my opinion is a written down password, seed phrases and private keys. This should be written on a sheet of paper and store in a safe places.
With hd wallets you shouldn't back up your private keys, just your seed phrase alone is necessary. However, i get your point, though some people will prefer engraving their seed words on stainless steel to writing it down, in order to protect it from flooding, fire or other types of natural disaster, but i believe most people write it down.
-
It doesn't stop there. It also means he either never research about LastPass or intentionally ignore past LastPass security incident that happen almost every year.
And he was also too lazy to export his data from LastPass and switch to another password manager that does not have these kind of reputation issues (1Password, Dashlane, Bitwarden, Proton, Nordpass etc).
With hd wallets you shouldn't back up your private keys, just your seed phrase alone is necessary. However, i get your point, though some people will prefer engraving their seed words on stainless steel to writing it down, in order to protect it from flooding, fire or other types of natural disaster, but i believe most people write it down.
It'll protect you from natural disasters, sure, but it won't protect it from theft. Also if your house burns down, how are you going to find your stainless steel phrase amid all the rubble?
-
This sounds new to me, that people take the risk of saving wallet seed phrase with an online platform???
As I started reading the contents of your post beginning from the topic, I was wondering if it is now something bad to store passwords and codes with an online manager. Because I am a big fan of storing passwords with google. But reading down, I comprehended the motive of your post. And right now I'm still wondering how could users possibly trust a platform to the level of saving his/her wallet seed phrase with them. There's a statement some crypto enthusiasts around me always say and it goes "Never Disclose your Wallet Seed phrase to Anybody"
Saving wallet seed phrase with an online platform, I see it a form of laziness.
No matter how a wallet seems useless to me, I always write down my seed phrase and keep it somewhere very safe and secured how much more a wallet that contains something tangible.
Your concern is justified, saving mnemonic phrases or WIF private keys in online managers has a high chance of being rekt.
I recommend stopping using browser password managers, although they've evolved over time, they still cannot compare to the security of an offline password manager like keepass, which works even without an internet connection, since the database is saved locally.
Offline password managers have strong encryption such as AES, ChaCha20, etc. So you can save anything there, not only passwords, but OTP codes, attachments including images, files and texts.
It is better to encrypt the mnemonic phrase in a keepass database in an air-gapped offline environment. It's much safer than leaving it in online password managers or scattered around unencrypted.
-
I recommend stopping using browser password managers, although they've evolved over time, they still cannot compare to the security of an offline password manager like keepass, which works even without an internet connection, since the database is saved locally.
I installed a Keepass extension on my browser, so I don't have to copy and paste every password I need. I believe it should be safer since it doesn't put anything on our clipboard just in case a malware is lurking around. We do have to open/run KeePass in the background, but it is not a huge deal, even if you're running a potato computer. Still, I wouldn't recommend anyone to store sensitive data like seedphrase etc, though. CMIIW.
-
I installed a Keepass extension on my browser, so I don't have to copy and paste every password I need. I believe it should be safer since it doesn't put anything on our clipboard just in case a malware is lurking around. We do have to open/run KeePass in the background, but it is not a huge deal, even if you're running a potato computer. Still, I wouldn't recommend anyone to store sensitive data like seedphrase etc, though. CMIIW.
I also use a keepass extension for the browser, specifically the extension for KeepassXC, KeepassXC-Browser. However, it doesn't work on some sites, so I've to use the copy/paste function. An alternative is to use the auto-type feature.
It’s worth mentioning that there are several variations of keepass, but the most famous ones are Keepass2 and KeepassXC. I have both installed, and the one I use the most is KeepassXC.
-
It doesn't stop there. It also means he either never research about LastPass or intentionally ignore past LastPass security incident that happen almost every year.
People are lazy, they don't do research and they do not also follow events that happen in the industry, and many times they regret it in the end when it comes back to bite them. It does not cost much to get a hardware wallet, or to buy a stainless steel and engrave your seed words, but many people want to do things the 'convenient' way.
In my case, I just uninstalled LastPass already, I don't know, but it seems that I'm not comfortable with it. If we could invest on thousands of dollar into crypto, then why not invest on a hardware wallet itself?
Or if we want to go to extremes, then stainless steel could be one of the best solutions as well.
-
I hate LastPass with a passion.
They failed all of their paying customers that day when they let themselves get hacked so easily from a developer's PC.
They knew something like this could happen but thy preferred to treat us as data points and analytics for repacking and selling our usage data instead.
As soon as the breach happened, I started searching for alternatives and eventually landed on Proton Pass.
The good news is, at the time, I was paranoid about security, and encrypted my keys in a 4096-bit RSA GPG file with a super long dice ware password.
So thats two layers of security that nobody is busting through that any time soon.
-
It's worse than saving password to Google drive.
I do not know which one is the worst but I see them all as the same unless it is offline. Only offline savings of information like that I can consider safe and secure.
The one that is worst is not important, the most important and safer means to save passwords is by writing them on book and keep on a safe place in your home. There may be breaches if password are stored on an online managers, or may be compromised in my opinion.
To avoid complications with online password managers, like I have said, it is better and safer with personally written down on a book to properly manage your password at any time.
-
It's worse than saving password to Google drive.
I do not know which one is the worst but I see them all as the same unless it is offline. Only offline savings of information like that I can consider safe and secure.
The one that is worst is not important, the most important and safer means to save passwords is by writing them on book and keep on a safe place in your home. There may be breaches if password are stored on an online managers, or may be compromised in my opinion.
To avoid complications with online password managers, like I have said, it is better and safer with personally written down on a book to properly manage your password at any time.
I think that writing down passwords in a notebook/book/diary is an insecure act, imagine the damage if someone has access to these notes.
An offline password manager is much easier and more practical to manage passwords, whereas in a physical notebook, you have to search for your password, page by page. In addition, the database is stored locally and you can make several backups, you cannot lose your master password.
-
I think that writing down passwords in a notebook/book/diary is an insecure act, imagine the damage if someone has access to these notes.
An offline password manager is much easier and more practical to manage passwords, whereas in a physical notebook, you have to search for your password, page by page. In addition, the database is stored locally and you can make several backups, you cannot lose your master password.
As long as it's stored in a secure and discreet location, or maybe at the very least, a place that's well-protected then it should be fine. Ultimately, it also depends on the general safety of your area. If your surroundings are relatively free from theft or break-ins, then the risk is minimal. But if you're in a place where security is a concern, it's better to take extra precautions.
-
There is an extreme case here where people tend to believe too much and too quickly. Experience will tell you that it is not wrong to believe too much but some of these people due to their lack of experience, do not want to understand when they are told about the danger. However, I always recommend turning off browser password managers, especially if those passwords are related to your crypto wallet. Some offline password managers have strong encryption where you can keep your passwords safe.
-
It is no more new but more losses are always linked to LassPass which was an online password manager. Before the stolen of more information that the hackers are using to steal from people, we warned people but they did not listen. LassPass issue has started since 2021 or 2022 until hackers were able to have full access to people's information and using it to steal from them.
What makes us not to even believe on this same set of people as the hackers, they will create an online manager to store peoples information and then later choose to sell them on third parties and earn from such as the expense of our own detriments, we should know the kind of information that we are going to set or store online, any centralized platform and data managers are not truly secured for the safety of our information, because they are centralized and can be under attacked or be the scammers themselves.
-
I do not know how someone will be able to sleep comfortably overnight and have a private key that have access to millions of dolar worth of coin on an online manager.
It is actually because of reasons like this that I do not save important passwords on the internet. My best practice has always been to either use my brain memory or write out my passwords on paper. This method has saved me from having horrible experiences like this.
What makes us not to even believe on this same set of people as the hackers, they will create an online manager to store peoples information and then later choose to sell them on third parties and earn from such as the expense of our own detriments.
This makes a lot of sense. Why would they permit unauthorized access to vital information on a site that is supposed to be private? They are all involved in this, but unfortunately, the victims cannot hold them responsible. The best anyone can do for himself is to be mindful of what he shares online.
-
My best practice has always been to either use my brain memory or write out my passwords on paper. This method has saved me from having horrible experiences like this.
I'd encourage you to stop relying on your memory, though. While long-term memory can be quite reliable, we don't know what the future holds for us. My sister's husband had a stroke a few years ago, and he forgot most of his bank passwords. Fortunately, his memory was back relatively quickly due to fast treatment, but things can go wrong easily. I think most crypto enthusiast also discourages people from relying on his memory to remember their seed phrase, private key, etc.
-
I do not know how someone will be able to sleep comfortably overnight and have a private key that have access to millions of dolar worth of coin on an online manager.
Lastpass like managers are there to make money and that's it the ones who use those managers don't really understand the psychology behind it and that's the reason they lose their money. When someone is not technically smart and he/she trust a third party software or any third party then the result is loss only.
-
As long as it's stored in a secure and discreet location, or maybe at the very least, a place that's well-protected then it should be fine. Ultimately, it also depends on the general safety of your area. If your surroundings are relatively free from theft or break-ins, then the risk is minimal. But if you're in a place where security is a concern, it's better to take extra precautions.
In my view, most people are lazy or careless when it comes to web security. For people who have 130 accounts, the chances of them creating a complex password for each service are lower when writing them down in a notebook.
Besides that, the paper can be lost/burned and it would be quite costly to back it up, whereas an offline password manager, in addition to offering greater protection due to being encrypted, makes it easy to create multiple copies with a simple copy/paste command.
I respect if you think storing passwords in a physical notebook is safer and if you have only a few passwords, it might work better for you.
~~ A practical example of how a password manager is much better for creating complex passwords, as it's based on the randomness of the algorithm (I was going to take a printout, but for keepass security reasons, it won't let me) ;)
-
I do not know how someone will be able to sleep comfortably overnight and have a private key that have access to millions of dolar worth of coin on an online manager.
It could be because it hasn't detected any threats yet...we can only consider it a threat when suspicious activities start...even people who store important data connected to large assets offline will only realize the threat when they detect some suspicious actions...so a person's security will only start to be categorized as dangerous when someone hacks their wallet...when that happens once, the related service will be abandoned, and users will start to improvise security...
And for online security managers, I'm not really interested in that... I've never used the services of an online security manager... it's hard for me to trust something to someone I don't even know.
-
My best practice has always been to either use my brain memory or write out my passwords on paper. This method has saved me from having horrible experiences like this.
I'd encourage you to stop relying on your memory, though. While long-term memory can be quite reliable, we don't know what the future holds for us. My sister's husband had a stroke a few years ago, and he forgot most of his bank passwords. Fortunately, his memory was back relatively quickly due to fast treatment, but things can go wrong easily. I think most crypto enthusiast also discourages people from relying on his memory to remember their seed phrase, private key, etc.
You are right, and I am already aware that brain memory is not always reliable. That is why, in addition to relying on memory, I write down important information like my seed phrase and private keys on paper and store them in very safe locations. No one should be advised to rely solely on memory, that is a very big recipe for disaster.
-
You are right, and I am already aware that brain memory is not always reliable. That is why, in addition to relying on memory, I write down important information like my seed phrase and private keys on paper and store them in very safe locations. No one should be advised to rely solely on memory, that is a very big recipe for disaster.
If you're properly storing your seed phrase, you don't need to write down the private key of addresses derived from that same seed phrase. However, it can be useful if you want to import just a single WIF privkey into another wallet, especially since more and more wallets is moving away from revealing WIF private keys.
What I also recommend is saving both the seed phrase and the fingerprint (especially for those managing multiple wallets through passphrases). This might be a good topic to address this issue and discuss security best practices regarding the use of passwords. :-X
Do you guys store your passphrases in offline password managers too?
-
I recommend stopping using browser password managers, although they've evolved over time, they still cannot compare to the security of an offline password manager like keepass, which works even without an internet connection, since the database is saved locally.
I installed a Keepass extension on my browser, so I don't have to copy and paste every password I need. I believe it should be safer since it doesn't put anything on our clipboard just in case a malware is lurking around.
If you go the extra mile and use QubesOS or something with a similar compartmentalizing approach, you do get protection from those kinds of vectors since clipboard sharing is triggered only via dom0 ("root domain"), even escalating to root in a compromised AppVM ("user domain") shouldn't give access to clipboard contents of other AppVMs. It does take some dedication to set up but I believe it does pay off.
Still don't put your secrets on other peoples' clouds, though, yeah.
-
There are many users who trust the password manager more than a person should. And they submit the private key along with the password to the password manager. This allows hackers to get full access to people's information. But stupid people think that saving their accounts in the password manager and Google Drive will protect them. Later, hackers easily take people's accounts and disappear using their tricks. When stupid people are victims of fraud, they start taking precautions from these places.
-
...
As soon as the breach happened, I started searching for alternatives and eventually landed on Proton Pass.
...
After lastpass breach I stopped trusting every online password manager and moved to offline ones like keepass and password safe. I don't think this is completely safe either but I like to think being not connected to Internet significantly decreases the attack factors.