I'm glad I have all the logins I got on lastpass, also on my KeePass local database.. I have paid for lastpass premium, but I mainly use Keepass and it's firefox add-on anyways..
Not that I will be leaving Lastpass but does anybody know any free alternative that have cloud sync between multiple devices ?
Norton Identity Safe, but that is not currently compatible with Firefox 41.x. https://identitysafe.norton.com/
There is a great deal of negative opinion about LogMeIn on the web. Why is that? I don't use it and don't know, but when I saw the almost 100% negative reaction to the LastPass/LogMeIn announcement I wondered what was going on? I'm not going to suddenly stop using LastPass because of this, but it doesn't inspire confidence either. It seems to me that at this point no one can know how the merger will impact LastPass. Believing that everything is just fine based on a press release seems naive, and as much a mistake as getting paranoid and dropping the service. Hopefully there will be no negative impact on the LastPass service, but we have to wait and see.
LogMeIn offered free remote desktop software for years and then suddenly pulled the plug on it in about a 30 day time frame. Which of course made every free user angry. That's where most of the bad feelings come from. IMO, it has nothing to do with security. For those affected ex LMI users, it became a matter of trust. The 30 day cutoff was totally without warning. Companies and individuals that had used the free version suddenly had to pony up some serious money. The change could have been phased in over time but LMI didn't do it. Thus the hard feelings...
That makes sense, making the inevitable question of will it happen to LP. Keep backups just in case I suppose.
That's if they take away the export feature? Roboform did something similar after v6. Maybe I'll export into KeePass as a backup.
I did already. The only hassle is to duplicate any new password. But it's not gonna last long, I am not going to renew my LP Premium subscription.
Enpass keeps your passwords on your machine by default though they apparently can be used as a cloud service like LastPass. Their Linux product is two weeks away from being a reality. I'm just looking at a backup if something drastic happens to LastPass with their new owners down the road. The initial reaction was really bad but hey who wouldn't want to cash out like that? It seems to me they have some built in period where they remain as employees of Logmein and the service remains grandfathered though after that period I envision a change in the pricing policy - just my opinion.
Nice, but at the moment I don't see the need to rush away from Lastpass. Apart from this, there are some things which I dislike. E.g., the documentation is rather meager at best. And Crypton, on which it is based upon, has undergone 2 security audits: The security flaws from the first audit were patched (good!), but about the 19 issues detected in the 2nd audit (from March 2014) they just write: "Work is ongoing on tying up loose ends." Since then no further updates. And there are a lot of commits but still 0 releases on their github site. Quite frankly, this is too little to put my trust in this project for now. But this might change.
If anyone is interested you can watch the video podcast of Security Now episode # 529. Joe Siegrist of LastPass talks with Steve Gibson and Leo Laporte about the recent news that LogMeIn has purchased LastPass. https://www.twit.tv/shows/security-now Or: Read the web page text transcript or a simple text transcript of the episode. Episode #529 | 13 Oct 2015 | https://www.grc.com/securitynow.htm
I read the transcript; the part about LastPass is at the beginning and finishes on page 8. This from page 4: "Leo: The issue is LogMeIn, and I think a lot of people [were] burned by LogMeIn in the past, by what LogMeIn did to Hamachi, what they did to their free product, I think there's a real feeling that LogMeIn is not going to be a good custodian of the great legacy that you've created with LastPass. Have they given you any assurances that you'll have autonomy, and you'll be able to continue to operate as you have in the past? JOE: Yeah, absolutely. Just today the incoming CEO, Bill Wagner, was here, telling me that, look, you have the ability to say no. It's your vision. It's your team. We're putting resources behind that to drive it forward. And this is the largest acquisition by LogMeIn by more than six times; right? So they are going to naturally have to treat this differently than some of those other products."
...until all that changes. I like LP and will continue to use it as long as it's still quite handy. I have, however, taken others' wisdom and maintain a KeePass backup. Keeping eggs in one basket only works if it's my basket.
A reminder... for anyone using LastPass that's never backed up their password database to a separate file, you might wish to consider doing it on a regular basis. I've always done it from the day I first subscribed and will continue to do so as long as I use it. To export your LP database, go to Tools, Advanced Tools, Export to, LastPass Encrypted File. This gives you a safe, encrypted backup. To view the file totally offiline, you need LastPass Pocket. It can be downloaded for Windows or Linux. Go to the download page https://lastpass.com/misc_download2.php , click your platform, scroll to the bottom of the page and download the version of Pocket you need. Once you open it, your LP database is then usuable/viewable. You can add, change, or delete data as desired. You can even export the file contents as CSV if you wish to move to other password managers. There is no need to maintain one's data in 2 password manager platforms until you switch (if you ever wish to.)
To back it up, I prefer a standard CSV download and then importing in Keepass. Wipe CSV as soon as imported.
Just use Firefox to export. It works much better than LP Extension for Chrome which creates an html indeed. With Firefox extension I have never had problems.
Indeed you are correct. FF extension gives the encrypted LP file export option also. Opera's extension works the same as Chrome. The problem is, I don't like FF; it's clunky and slow but I do keep it around for Java (until Dec 2016 anyway).
