This is incorrect information. Notes are encrypted, just not their “type”. Unfortunately the most direct source for this is a reddit link, but here it is anyway.
I’d be willing to bet that people store their key phrases in the notes section in LastPass which was not encrypted at rest
hatchling@lemmy.world 1 year ago
sturmblast@lemmy.world 1 year ago
okay thanks for that I was going off of an earlier report
CoderKat@lemm.ee 1 year ago
I’m sure they were encrypted. But attackers have the vaults and many people have bad passwords. Brute forcing these days is less about trying every combination and more about trying all known leaked passwords, because people reuse passwords like crazy and also just aren’t as original as they think.
If you have millions of password vaults, I’m sure you can crack open a small number. And the ones you can crack are probably the most likely to not be following best practices, meaning it’s more likely they haven’t changed their passwords since the breach was announced a while back and they probably are less likely to have 2FA.