I just got hit for a ton of eth 3 meta wallets drained. Anyone heard anything or could help point me in the right direction of what to do? No idea how they accessed my funds.
I just got hit for a ton of eth 3 meta wallets drained. Anyone heard anything or could help point me in the right direction of what to do? No idea how they accessed my funds.
Are password managers secure?
NO!
If you have stored your key on a password manager, it’s time.to get a new wallet. Consider yours compromised.
People can make mistakes with everything. It’s just about reducing the probability of making the mistake.
https://www.theverge.com/2023/9/7/23862658/lastpass-security-breach-crypto-heists-hackers
I wouldn’t trust them.
Well that answers the question
That’s LastPass. That company has been plagued with security issues for years. Password managers as a whole aren’t anywhere close to what they are.
Keepasss Open source
Depends on the password manager. With something like KeePassXC, only you have the encrypted passwords file and it’s not on some server.
Nope no never absolutely not.
Just a couple weeks ago I saw a thread where keepass was the culprit.
NEVER USE A PASSWORD MANAGER
That’s absurd
Edited my comment, as it was not clear what I meant.
You went from saying “absolutely never use a password manager” and further down the thread you say you’re using your foreskin.
Now you’re back tracking that all to pretend to be right?
That’s absurd!
Great, but if KeePassXC is on an online device then it’s vulnerable to being hacked.
You can just store a copy of keepass along with your file on a USB and access it that way, never has not be online.
KeePass DB is vulnerable if they can crack the master password. If your master password has enough entropy that it would take so many million years to brute force, then you’ll be fine.
The Keepass DB can be cracked. https://medium.com/@andreabocchetti88/unlocking-keepass-a-comprehensive-guide-to-crack-the-database-74a2593d676a
I kept a few seeds in my Keepass, I have since removed them after someone at work warned me about this.
Anything can be cracked this way, this is just a bruteforce of the master password. It can take 300 centuries to crack using NSA servers if it’s a strong password.
That link describes hashcat which uses some of the methods I’m referring to, it’s dependent on the password quality. Crappy password will be quick.
It doesn’t decrypt it, but tries many combinations of words etc encrypted to compare against the hash.
Even with a good password, I never would want anyone storing seeds in keepass, anything on the computer is a no for storing seeds.
Never store a private key in a password manager
They are generally secure. Any hack on them has never gotten clear text passwords.
LastPass seems to be the one who gets hacked the most and I use that term very lightly because it’s usually just user emails
Which don’t get me wrong is bad because then you can be at Target of spearfishing but you should not shy away from using a password manager because at the end of the day if you use it correctly it’s going to be more secure than whatever you’re doing now
1Password has never been hacked and their architecture is solid. You are the weak link though.
No
Being “secure” is relative. Would I store my Facebook password there? Sure. Would I store the password to my life savings there? Definitely not.
Absolutely not.
no
you might have a key logger on your pc, so the password manager is uselss
never enter a seed phrase into a computer, always write them down fromm a hw wallet
there is no real secure option for pc only unless you formatted, linux distro, crypto wallet software install with no internet, create the wallet, write the seed phrase down, format the drive / never use it again
hw wallets just make this brain dead easy though, why is this still a conversation in 2023?