Some thoughts on the latest LastPass fiasco

Employers are rightfully paranoid about corporate secrets being compromised by bad actors. Some of the worst data breaches were caused by employees. Employees, however, should be equally paranoid about their personal secrets being compromised for the same reasons. If corporate secrets can be leaked due to a colleague's mistake or malfeasance, so can your personal data entrusted to your employer.

Returning security back to the user

I am not a fan of apps encouraging users to sign up using their social network credentials. The other popular alternative is creating individual accounts on each service, but it has its own pitfalls. There are emerging techniques like password-less authenticators that help simplify and secure the process. This post reviews some of them.