Hacker News new | past | comments | ask | show | jobs | submit login

I believe they are only the encrypted vaults, but with the cost of compute plummeting and the inclusion of unencrypted data alongside the encrypted data I think you have reason to worry if you believe there are people who would perform a dedicated attack on you, or you are in a class likely to be identified as high value.



> the cost of compute plummeting

You should do some actual math to roughly estimate what it would take to crack a good password. Use a strong password, use a resource-intensive key derivation function, and you should feel extremely comfortable that your encrypted data will not be cracked within your lifetime.


Oh, absolutely, you need to test that information as exposed and react accordingly.

Fortunately for me, I don't use LastPass.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: