any password manager can be hacked, i had my master password for 20 characters with numbers, characters and special characters. It will take years to brute force and can i assume i have couple of months to change all of my 200 passwords? am i missing something
Even though this is correct, it doesn’t address all possible consequences. It looks like not all fields were encrypted: at a minimum URLs but also very likely fields like “notes” and more. If you had any sensitive info outside of username/password it’s recommended to start mitigating that.
Note: secure notes is not the same as the “notes” field. Secure notes are encrypted.
Edit: Also it is unclear whether records like Bank Accounts, Social Security Numbers, etc have been fully encrypted.
