Password Security Best Practices

[MadSprite]

As a student in an InfoSec program, I initially used KeePass 2.0 to handle my passwords, but soon I realized KeePass became unreliable as it's password database would always corrupt. Twice that happen and luckily my peer to peer sync program (bitorrent sync) between my personal devices kept an archive version in case something goes wrong.

Many of the infosec seniors and graduates made the move to lastpass even after the breach because it was still secure than any options and guranteed that your data's integrity is safe on all platforms including Linux. LastPass might have faced a breach but it was up to date in security procedures than you think a newer ("We haven't been hack so we are secure") competitor might have been. The hackers were able to get away with a hashed passwords and encrypted password vaults, where the hash or vault allone will take millions of billion years to crack per person.

These companies never see your data, just that you handed them a garbled mess of data that is your passwords.

And if you think it's not enough than use two factor authentication as then the hackers would have kidnap you for whatever you used to verify those.