Why We Are Dropping LastPass and So Should You
On December 22nd, 2022, LastPass posted a blog post about an incident that happened in August of 2022. LastPass had a security breach in August 2022 where someone stole user billing addresses, email addresses, websites stored in the vault, IP addresses, and phone numbers.
This person also has the ability to “brute force” (gain access with a lot of effort and time) your passwords. This is unlikely because of how long it takes to guess the password, but it is a possibility. We would recommend changing your master password as soon as possible. We at TechCare360 will no longer use or recommend LastPass again because of this incident. Keep in mind that LastPass is a subsidiary of GoTo Meeting. We recommend moving away from their services as well.
After doing our own research as well as speaking with our peers in the industry, we have concluded that due to the lack of integrity and security from LastPass, we are recommending to move from LastPass to Bitwarden.
We have picked Bitwarden because it is an open source project. That means that the code that Bitwarden uses is completely open to the public to critique and check for vulnerabilities. Also, Bitwarden regularly checks their security from outside vendors.
The transition to Bitwarden is relatively painless and has all of the features you know and love from LastPass. If you would like help migrating your vault, please don’t hesitate to contact us and we would be happy to help you.