LastPass says hackers had internal access for four days
bleepingcomputer.comThis isn't the first time this company has been breached. I'd stay far away from this company. If you really need a centralized password repo, use 1password.
But if you can, I'd recommend self-hosting (VaultWarden) over any online service provider.
I am still amazed anyone would use a proprietary password manager which stores in someone else's computer. That's the opposite of good password management.
Which is why LastPass doesn't store your passwords on its servers, just a one-way hash.
I don't think that's correct. They state that passwords are decrypted in the browser. They are stored encrypted on their servers but not decrypted on their servers AFAIK
That wouldn’t be very helpful if the point is for the service to remember your passwords.
Did you mean BitWarden? Or really VaultWarden?
Based on the context of self-hosting, I assume the parent wrote correctly.