LastPass breach and implications for BitWarden

For everybody who is still worried:

Below is literally what a typical login item looks like when stored in your vault. Every gibberish string that starts with 2. and ends with = is an encrypted cipher string, which cannot be decoded without knowledge of your master password or account encryption key. You can see that the item name, URL (uri), username, password, and notes are all encrypted.

"id": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx",
"organizationId": null,
"folderId": null,
"edit": true,
"viewPassword": true,
"organizationUseTotp": false,
"favorite": false,
"revisionDate": "2022-08-01T23:14:22.7Z",
"type": 1,
"name": "2.oiOe4QnM/BeFRsZKAgTLUA==|FSG6Wmi8n2oS8uAyk9/Y0Q==|pPeRfXpjoMBF+JvNv/pPsS8GLxFCeSjX4kQC44ZxbIwE=",
"notes": "2.d7tqa4zezJ+R8FO5WMVvUg==|HRjZwkjyb9aI60gyLz0b5Ntb+uveK/7IUqZIPJV+om5UsySBUhmOAlpADPe3vfAP|7+kVhl/F0Hf3BuHXhfYM4CKFtPYo31trDRSxFyT/KE8=",
"collectionIds": [],
"creationDate": "2022-07-31T21:00:12.7433333Z",
"deletedDate": null,
"reprompt": 0,
"login": {
 "username": "2.zsIWcVw+a7zAshc5m6iqtA==|chVngW949S8w2vZ4+kIwmTRuIspbXm/9Jj4klqapZbs=|yaDnEai9KkWhhjKfGqpJ/yg3bZz6DWc/D4i9kJMbEeA=",
 "password": "2.HjksBbULW3WeWNbdwzn/OA==|6e4vTySS3SC4Iptt9ZVvzw==|+B1LLaWOiP96gXajJQ7ybBF9u0cluUmJ0wZbV0TiU5Q=",
 "passwordRevisionDate": null,
 "totp": null,
 "autofillOnPageLoad": null,
 "uris": [
  {
   "match": 0,
   "uri": "2.weqaSzg07ivBpkZiTGaYDg==|y3cadRYyzBCsHn/LS0T61HlFK58AupiR8gfFbcQ8psJfqhEremBpBqqrTau5J+fhXxlzS3WDfPVu2Fe1Rm/STo39S9tCRXLPrBugKtjCOfI=|/oNwBNtDqQsG72KgUcCxkhQEmgL5qdq/ocZYJWWrKrc="
  } ]
}
3 Likes