Data of 2.4 Million Blur Password Manager Users Left Exposed Online

Abine, the company behind the Blur password manager and the DeleteMe online privacy protection service, revealed on Monday a data breach impacting nearly 2.4 million Blur users, ZDNet reports. From the report: The breach came to light last year, on December 13, when a security researcher contacted the company about a server that exposed a file containing sensitive information about Blur users, an Abine spokesperson told ZDNet via email. The company said it followed this initial report with an internal security audit to determine the size of the breach. The audit concluded last week, and the company made the data leak public on Monday in a post on its blog. The data that was available on the web included each user's email addresses, some users' first and last names, some users' password hints but only from our old MaskMe product, and each user's encrypted Blur password.

Re:Ouch

[b0s0z0ku]

Not all password managers require "sharing data." Keepass is cloudfree.

Re:What password manager does everyone recommend?

I use Password Store, or just "pass" for short.

Completely free, no cloud, no GUI. Passwords are stored locally and are encrypted with GnuPG, so you can choose your own cipher and strength instead of trusting someone else's defaults. Passwords can be copied to clipboard with the '-c' argument. It even can integrate with git so you can keep your passwords managed in a version control.

https://www.passwordstore.org/

Whenever I need to access my passwords remotely, I just use SSH. Easy enough.