Depending on how it was implemented, that could just increase the attack surface... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ryandrake on Jan 25, 2023 \| parent \| context \| favorite \| on: LastPass breach gets worse Depending on how it was implemented, that could just increase the attack surface. Assuming it's a cloud service, now we have another company that has all your passwords, that can be breached. A better way would be desktop software that runs on your local machine and logs in to each web site by itself and changes all your passwords, without using any remote compute or storage, outputting a local file with all your new passwords (don't make the same mistake again using a cloud password manager).

azinman2 on Jan 25, 2023 | [–]

I imagined this was local. I think it would be very difficult to trust it otherwise.

sorokod on Jan 25, 2023 | [–]

Attack surface will increase regardless of implementation. It is another point that can be attacked, one that did not exist before.

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact