Evernote passwords stolen; passwords reset.

Hours ago, Evernote announced that passwords and user info were stolen at some point in the last few weeks; Evernote said that passwords were stored as seeded / salted hashes (you'd need time and computing power to break through); Evernote reset everyone's password.  World is safe again.

Of course, if you stored your passwords in a file on Evernote, all of your passwords may have been compromised, and now you'll have to go through and change each and every one of them -- makes for a good argument to use LastPass, don't you think?

But is LastPass more secure?  That all depends.  You have to have two-step verification turned on, and you have to use it.  For instance, to sign in on a new device, you'll need to verify who you are, via a text password sent to your smart phone.

You want triple-step protection?  Store passwords in a file that requires a password to open, then store it in the cloud service that requires two-step verification.

Call me paranoid, but that's what I do, and it's actually quite convenient to do so.  By the time someone has broken through three layers of protection, and assuming you've used very-long passwords, it'll be easy to update and change all your passwords.

(Of course, if someone sneaks a keylogger into your computer, you're royally screwed.)