As news of the LastPass compromise spreads, many users are wondering if using a password manager is smart (all your eggs in one basket protected by one password). Setup properly, the answer is an emphatic yes. The key is two factor authentication. LastPass allows you to enable two factor authentication, so even if your master password was compromised, the attackers still could not get in without your cellphone, Yubikey, etc. More importantly – you should have two factor authentication enabled on your primary email account as that can be used to reset most account passwords anyway.