I recently heard about this Last Pass Vulnerability which made me think about changing the way I deal with passwords. I’ve been using Last Pass for several years now but I’m giving it a second thought. Ask yourself, Can I afford to have anyone get access to all my passwords? I used to manage all my passwords myself locally. It was a pain but I knew where my passwords where at all times and I knew they were secure. After this recent Last Pass problem I’ve decided to not use any browser extensions that are not absolutely necessary.
What Browser Extensions Do You Use?
Each browser extension is another possible attack surface. Like me you probably installed a bunch of extensions and don’t use most of them and have way to many. I’ve cut way back on the browser extensions. I’m currently only using two, UBlock Origin and HTTPS Everywhere
How Do Your Manage Your Passwords?
Currently, I visit the Last Pass website and login to get my secure password and copy and paste it into the website I’m trying to log into. It’s a bit of a pain not using the browser extension. What if the internet is not available? I’m going back to a secure local password management solution. I will be putting together a new procedure now and I’ll blog about it soon so be sure to come back soon.
NO, I Don’t Want You To Remember Anything!
I’ve also stopped allowing the browser to remember anything including passwords. Many browsers like Firefox and Chrome allow you to save and sync everything to the cloud. NO! I don’t want you to save all my history, passwords, etc… I’ve made the decision to stop using these services and control all my own data like bookmarks and passwords. I only use private browsing mode when I’m browsing the Internet and my extensions are used only to keep me more private and secure.