Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents.
In 2015 when Lastpass was purchased by Logmein was what convinced me to move to Keepass and ultimately KeepassXC. Syncthing on Linux, Android and Windows, a complex password and separate key file provide multiple layers of security. It works reliably and provides easy access to login information on any device.
I’ll have to look at it again, but the last time I did, the inconvenience of it not being integrated with my browser kept me away. Bitwarden has been audited, is open source, and can be self hosted.
Does it stay unlocked for a while (say, an hour or so)? If so, that’s absolutely an option. I use a very long password, so having to do it every time would be extremely tedious.
In 2015 when Lastpass was purchased by Logmein was what convinced me to move to Keepass and ultimately KeepassXC. Syncthing on Linux, Android and Windows, a complex password and separate key file provide multiple layers of security. It works reliably and provides easy access to login information on any device.
I’ll have to look at it again, but the last time I did, the inconvenience of it not being integrated with my browser kept me away. Bitwarden has been audited, is open source, and can be self hosted.
KeepassXC has a browser addon that works well for most sites, but I don’t think you can go wrong with Bitwarden either.
I think you meant to type keepassxc
That I did. Thanks.
I’ll have to look into it again.
Is there anything for Android autofill in apps? It’s not a deal breaker, just nice to have.
Keepassxc has a keyboard which you can change to and it fills fields without typing (you need to type your master password though)
Does it stay unlocked for a while (say, an hour or so)? If so, that’s absolutely an option. I use a very long password, so having to do it every time would be extremely tedious.
Yes you can set the timeout duration
There is, but I can’t tell you anything except that it exists. I use passwords so infrequently on Android that I’ve never bothered with it.