Password Manager Discussion.

Discussion in 'other software & services' started by Mayahana, Jan 28, 2015.

  1. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
  2. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
  3. guest

    guest Guest

    The KeeFox add-on is only available for KeePass 2.x (KeePass Plugins)
     
  4. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,351
    http://keepass.info/compare.html

    I really don't see the point of using the Classic edition.

    Remeber to use Keepass 2 with Secure Desktop for Master password and Auto-type obfuscation.
     
  5. flatfly

    flatfly Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    71
  6. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    I guess, they keep it alive, because it does not require NET Framework, which is being used by malware just like powershell. Whenever it is worthy is up to the user.

    Because it might prevent the stupid malware from getting your real password. AVs have problem detecting zero day malware, but this method gives at least some protection against them.
     
  7. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,351
    http://keepass.info/help/kb/sec_desk.html

    AND:

    http://keepass.info/help/v2/autotype_obfuscation.html

    This is perfect? No. But does it bring me any disadvantages to use? Neither.

    As I don't have any incompatibility issues using this options, I don't see why I wouldn't use it.
     
  8. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,199
    Is there any reason why one should use that add-on at all considering that auto-type works very well? I for my part don't miss it.
     
  9. guest

    guest Guest

    I don't use the plugin too.
    Using a plugin can be "more convenient" for some people (automatic login,etc.), but using Auto-type ("Perform Auto-Type - Ctrl+V") is sufficient and works well.
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes of course, but I personally use only one PC, and never log in to important sites on other PC's. But we all know that browsers aren't really that safe for storing passwords, malware can easily steal and decrypt passwords. A simple password manager like RoboForm should have been implemented by browser makers long ago.
     
  11. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    741
    Location:
    United States
    A couple of new LastPass exploits one that works only in FF and another for any browser/platform. You have to go back a few days to see the 1st exploit.

    https://twitter.com/taviso/with_replies
     
  12. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    Twitter?! I don't think so! I don't do social media. :eek:
     
  13. guest

    guest Guest

    Remote Code Execution is possible if the Binary Component of Lastpass is installed, otherwise it can steal passwords.
    The previous exploit (March 16) is affecting the lastpass-addon for firefox (v3.3.2)

    LastPass answered (or: "twittered" :ninja:), and they are working on a fix.
     
  14. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Current LastPass add-on for Firefox is v4.1.35a so I wonder why v3.3.2 is being offered in Mozilla's add-on library?
     
  15. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    741
    Location:
    United States
    That's how Tavis Ormandy from Google reports vulnerabilities. Your loss I guess.
     
  16. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    741
    Location:
    United States
    LastPass will fix these quickly. They run a pretty secure ship.

    Ormandy provides a great service to various software companies, through Google free of charge.
     
  17. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Another LastPass security bug huh? Not sure if I want to stay with these guys.
     
  18. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    +1. And 3.3.2 is not multiprocess compatible according to Add-On Comaptibility Reporter add-on.
     
  19. AutoCascade

    AutoCascade Registered Member

    Joined:
    Feb 16, 2014
    Posts:
    741
    Location:
    United States
    They have already fixed the issue. If you follow Ormandy on twitter you can see he finds exploit in a lot of software. LastPass fixes these really quick. Some companies like Commodo just ignore the exploits.
     
  20. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Has anyone ever tried Enpass?
     
  21. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Good to know. Do I need to update the browser extensions or was it a back end fix?
     
  22. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,625
    Location:
    USA
    All software has bugs. LastPass is very good about fixing them. I would not dump them based on anything I have seen here.
     
  23. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    More attention lastpass gets better it is for us and thankfully Travis really loves lastpass ;)
     
  24. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Oh I know. It's just not the first time I've heard about issues with them. If it's been patched, I will hang tight for now.
     
  25. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Thanks I am following him now. Cheers!
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.