I’ve shapely had a peculiar narrate happen and desired to gawk if the HN neighborhood also can come up with some theories as to what came about.
LastPass blocked a login strive from Brazil (it wasn’t me). In accordance to an email I bought from LastPass, this login modified into the utilization of the LastPass story’s master password. The e-mail does now not gawk admire it’s a phishing strive.
What troubles me is that the master password modified into saved in a neighborhood encrypted KeePassX file.
I can believe that somebody has my KeePassX file and the (completely varied) password to this file. If that’s the case, I am in a global of injure.
However are there any varied possibilities? Is the e-mail from LastPass staunch i.e. modified into the login strive truly the utilization of my master password? Is there some LastPass extension put in on some pc composed having a legit auth token permitting them to login as me to LastPass..?
I am in actuality stressed, and afflicted.
Thanks to your support.
P.S. The LastPass story had 2FA jam up, however I modified into ready to merely buy away it (since I did now not accumulate access to the token anymore). That is frightening too — what’s the level of a 2FA it’s seemingly you’ll seemingly seemingly buy away…??
