Matt Murphy on 12 Jun 2017 05:54:08 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Password manager OneLogin hacked

Well, I'm glad, following review of said discussion, that I went with Keepass.

On Fri, Jun 2, 2017 at 10:08 AM, Rich Kulawiec <> wrote:
Recall the discussion about LastPass six months ago?

On Mon, Jan 09, 2017 at 07:53:05AM -0500, Rich Kulawiec wrote:
> On Sat, Jan 07, 2017 at 09:46:21PM -0500, Tim Allen wrote:
> > I've been using LastPass for a while, and am dreading the day when they
> > inevitably get hacked and I have to change all my passwords.
> You *should* dread that day, especially if it's already history.

And -- quite predictably -- we now have this:

        Password manager OneLogin hacked, exposing sensitive customer data

Of course we only know about the hacks that operators care to report,
which is a subset of the set they know about, which is a subset of the set
their employees know about, which is a subset of the set that has happened,
which is a subset of the set that has and will happen.

It's only a matter of time.  And each of those will raise interesting
questions like this one (from the article cited above):

        "Am I the only 1 to find it disturbing OneLogin had a decryption
        method for customer data accessible enough to be grabbed via
        breach?" said one user on Twitter.

Using any of these is clearly unprofessional, irresponsible, and negligent.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --