So 2SA isn't 100% after all I actually knew it's not 100%, but you get the point.
Again, I'm not bashing LastPass. This makes me mad because it makes ALL password managers look bad. The issue is "fixes" (so they say), but I feel that the owners of LastPass aren't as serious about thier customers.
Now I read this:
"According to Vigo's write-up, he discovered that Lastpass was using a hash of a user's password to generate the QR code that is used to set up 2FA on a user's device."
so are they using people's master password in this? And part of thier master password is used in the 2SA?
"To put it in perspective, imagine that you have a safe in your house were you keep your most valuable belongings. Do you think it is a good idea to have the same lock for the door and the safe? Should the door key open the safe as well?"
I think this answered my question, but I'm just checking
I know you guys can "un-nerd" this a little for me
This made me feel better about the secret key, because I can visually see it's not the same as my master password. And I can change it if needed.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided