I absolutely agree. I love KeePass and use it for everything... this LastPass account was setup to share passwords with others at an org that I worked at.
The problem is... that LastPass password, the one stored in KeePass, is presumably the one that was leaked.
Which is what is spooking me -- if someone has access to my entire KeePass file, it's game over.
So...when you say "...was setup to share passwords with others..." is there a chance that this also means the master password was shared with one or more others?
Sorry, no, that was a confusing way of phrasing it.
The LastPass account that was almost-breached today uses the "password sharing" functionality to share passwords (to certain sites) with other people in the same org.
I was just explaining that the only reason why I have a LastPass account was to share passwords. (not the master password, obviously -- I was sharing passwords to other sites)
I typically use KeePass for all of my (site) passwords and keepass stores all of this in a local encrypted file.
Yeah, hard to say. I don’t think it means it’s ‘game over’ though. I think it just means you might need to go through the tedious process of walking through your whole DB file and update every password. And generate a new key file. Then and only then will you have peace of mind I think. Good luck!
The problem is... that LastPass password, the one stored in KeePass, is presumably the one that was leaked.
Which is what is spooking me -- if someone has access to my entire KeePass file, it's game over.