this post was submitted on 07 Sep 2023
987 points (99.0% liked)

Technology

58303 readers
11 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

More than $35 million has been stolen from over 150 victims since December — ‘nearly every victim’ was a LastPass user::Security experts believe some of the LastPass password vaults stolen during a security breach last year have now been cracked open following a string of cryptocurrency heists

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 14 points 1 year ago (2 children)

I use Syncthing to keep my Keepass files synchronized on my devices. All the benefits of cloud storage, but my password file never leaves my control.

[–] [email protected] 3 points 1 year ago

I do exactly this.

[–] [email protected] 1 points 1 year ago (1 children)

Great idea! I rely on Firefox's service, would you recommend I switch?

[–] [email protected] 3 points 1 year ago (1 children)

Personally I don't like to rely on anyone's cloud services for mission critical applications like password storage, since they have a history of being discontinued without notice.

I do trust Mozilla a lot more than Google, though.

With Syncthing at least if the discovery servers go down you still have a local copy as well as off-site backups, and can easily migrate to some other sync solution as your password manager is not tied to your browser.

[–] [email protected] 1 points 1 year ago

I would argue that email is similarly as critical, yet Selfhosting email is a bad idea practically and from a security standpoint. Your argument does not apply in general.