For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

LastPass, Mastodon, and AI/ML - Dec 31st - Jan 6th - F5 SIRT - This Week in Security

Editor's introduction Hello, MegaZone is back this week as our rotation continues. I hope everyone had a good holiday season. Let's hope that 2023 is a good year. A couple of things I wa...
Updated Jan 17, 2023
Version 2.0
security
twis
LiefZimmerman's avatar
LiefZimmerman
Icon for Admin rankAdmin
Jan 19, 2023

I've used and recommended LastPass for so many years I can't even count. Many in my family use it as well. The *techie* in me sees a good reason to go try BitWarden or similar but the realist says:

  • Well - I do have a solid/compliant master password.
  • It took *SOOO* long to get the family accustomed to using it (and *suffering* the convenience tradeoff with security. The thought of dropping LastPass in favor of a different tool will be very painful.

Something I haven't heard addressed; If the horse is already out of the barn and my private notes are already *in the wild* (albeit encrypted...so they say) then putting all my information into yet another resource seems like an additive risk rather than an improvement.
I'm not one for *supporting* abject failure in a company but...Is the other guys' tech just THAT much better? Is the risk of compromise THAT much lower as to justify pulling the plug on one service for the other?

I suppose if there is a real and continuing risk of further exposure - but I've also not heard that as being the case.
"I'll take my answer off the air."