• psivchaz@reddthat.com
    1 year ago

    I dropped them for Bitwarden in 2015, after the first hack. I stuck around at first, thinking that they had had a breach but nothing was compromised that we know of so maybe it was a small thing and they learned a valuable lesson and it wouldn’t happen twice.

    Around May I spotted a bug in how organizations were handled. I legitimately can’t remember all of the details. You could basically get access to passwords in your organization that weren’t shared with you under a specific circumstance. It wasn’t disastrous, it wasn’t like every org password was accessible, but it was still fairly serious as my company was using it. I figured given that they had recently had a breach, given that my company was paying for the expensive plan, surely they would take it seriously.

    3 months later, they hadn’t responded and it hadn’t been fixed. Picked an alternative and never looked back.