Reply To: Account hacked

[Ihar]

@ratiom : The Lastpass compromise could happen to any company. In fact, the raison d’etre of a password manager is that it DOES happen. There should be some kudos for identifying and reporting breaches, and be secure (sorry, bad pun) in the knowledge that even Lastpass (or any password manager) can’t get into your password vault if you forget your master password. I still use Lastpass (I have a degree in Computer Science) and worry more about technical details than someone stealing my locked vault.

“3 random words” does theoretically (mathematically) provide security, but who can remember 3 random words for every website visited?? Adding numbers/special characters provides greater security because it increases the “alphabet” range by 50% or more.

I use a VPN most of the time (SurfShark), but regardless any https encrypted connection is safe end-to-end. That said, @vzzbuckz is right – a rouge actor can probably steal your email address and also know what sites you visit (as DNS is not secure). So whilst you’re accessing your bank account they are sending you a phishing email to try and scam you.