top | item 5158598

(no title)

dwj | 13 years ago

Doesnt seem a great idea. When it gets hacked they get all your passwords.

discuss

abraham|13 years ago

LastPass encrypts all of the passwords client side. Assuming you use a strong enough passphrase it shouldn't matter if LastPass gets hacked.

dwj|13 years ago

Twitter uses bcrypt, so in theory this hack should also be nothing to worry about.

Groxx|13 years ago

is there an alternative where this is not the case?

dwj|13 years ago

My own solution is to have two different passwords for everything - one for banking and credit cards, another for crap like twitter/linkedin. I haven't changed my passwords for years (no point really, as you're likely to have the breaking as soon as they get your password).

I think there are risks with all solutions to the password problem.