3 Comments

Ed,

I am still using LastPass here. I decided to wait to see how they handle the breech, and I'm a bit lazy. If they get their act together well enough that my data is once again as secure as is reasonably possible, I'd prefer to stay rather than to go to all the bother of migrating all my passwords to Password1 (the best alternative I've found to date).

My question is "am I safe enough as I wait?" I've followed all the suggestions they have made to secure my vault following the hack.

I've changed my master-password, so it is now 16 characters in length (was 12).

I have gone through all my Internet accounts and requested that any I no longer use be deleted/closed as well as those that do not support 2FA (if they care so little about my security that they do not support 2FA, I don't want an account with them. I can find a similar information/service source elsewhere.). All sites to which I have sent requests have complied.

I've changed my password for all remaining accounts, increasing the password length from 12 to 14.

I may be mistaken, but I suspect I've done enough to keep my Internet accounts secure (unless some bad guy gets my phone).

I look forward to your response,

Ernie

Expand full comment

These are good questions, Ernie! Do you mind if I devote an entire column to answering them, while quoting your comment here?

Expand full comment

Not at all! Go for it!

Ernie

Expand full comment