I’ve been pretty patient and understanding with the various #LastPass issues over recent months. Bad stuff happens everywhere, and it’s not *necessarily* always the associated company’s fault...
But if nothing else, the way this has been handled, with the casual weeks-later drop of disconcerting info at a time when most people are starting to tune out for the holidays and attention is at its lowest, really doesn’t make me happy. Or give me confidence in the company and how it interacts with us as customers.
Much as I dread the chore of doing it, I think it’s time for me to make a change on this front.
Aaaand, the deed is done.
This is one of those areas where it’s far too easy to stick with the “default” — whatever you’re already using.
But the reality is that making a change really isn’t such a big deal, once you actually commit to doing it.
I'd say the entire process took me less than five minutes.
@jr 1Password is a centralized service just like LastPass, so it could easily have the same problem of getting compromised on their servers someday. Bitwarden lets you host your own server and put it behind a VPN for more security. Or you can use KeePass database files and sync in any number of ways.
@adam Valid points, all. 1P does take some extra precautions that give me greater confidence (e.g. https://ioc.exchange/@jpgoldberg/109559866491363046 ) — not to mention a better history, especially as of late, with both general protection and customer respect.
But, yeah. There's always a tradeoff between maximum attainable security and a reasonable balance of security + comfort/convenience. Lots of personal decisions to be made around that, no doubt.