LastPass says hackers stole customers’ password vaults This is why I don’t use 1Password’s custom sync engine.
Why? Isn’t the point of 1Password’s heavy-duty encryption approach that no one should care if their vault is left lying out in the open, on a thumb stick in HackerTown, HackerLand; on the opening day of HackerCon, because the encryption makes it well nigh impossible (or at very least not remotely worthwhile trying) to get to the unencrypted date (assuming you haven’t printed your keys out and stuck ’em on the thumb drive of course!)?
I use 1Password ( and I don’t shy away from its cloud storage) precisely because I *assume* that sooner or later a bad guy is going to get his hands on my data. In a way, I consider the method of trying to keep my data out of bad guys’ hands as a form of Security By Obscurity. I prefer the more robust approach of Come And Have A Go If You Think You’re Hard Enough.