Hacker News new | past | comments | ask | show | jobs | submit login

I’d bet (though in all fairness, only a low amount ;)) the intersection between a user that has both a weak master password and attackers willing to spend a ton to rent a GPU farm is pretty low, though.



Yet, people stole LastPass vaults. Why bother stealing them if you don't plan to actually crack them? At least someone saw the potential for some ROI.


LP had an issue with weak encryption for old accounts.


Eh... plenty of people with weak security hygiene also have high-value credentials.


My guess is that most people who have high value passwords also have weak passwords. CEOs and CFOs can probably authorize huge financial transactions with little oversight and tend to be security illiterate.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: