Do you use Lastpass?

Discussion in 'polls' started by ExtremeGamerBR, Sep 22, 2011.

?

Do you use LastPass?

  1. Yes!

    37.1%
  2. No!

    46.8%
  3. Do not use because I do not trust!

    19.4%
  4. Do not use for other reasons...

    4.8%
Multiple votes are allowed.
  1. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    I would like if you use it? If you do not, why?
     
  2. NRProia

    NRProia Registered Member

    Joined:
    Sep 11, 2011
    Posts:
    111
    Location:
    Lowell, MA
    Hello,

    I used to use KeePass Password Safe until my database was stolen and several accounts were breached. Now I commit passwords to memory.

    Regards,

    Nathan
     
  3. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    I looked into LastPass and decided against it because it was a browser extension, and I didn't want my passwords in the cloud.
    I read this too, and it gave me cause for pause.
    I have forgotten all that I learned about it, Extreme, but I do remember that there is a lot to like with LastPass.
     
  4. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    So dear friend, you use some method of automatic form filling or something?
     
  5. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,635
    Location:
    UK
    Whilst I understand your concerns over storing such information "in the cloud", isn't the point in LastPass' case that all details are encrypted locally before transit so if anyone did break in to their servers, the data is meaningless to them. They make a point that none of their staff can read your data even if they wanted to because of this encryption.

    I believe there was a breach earlier this year, which to LastPass' credit, was resolved fairly quickly with various steps taken to hopefully prevent similar occurrences.

    @EGBR: I noticed you're using NIS 2012 as mentioned in another thread. You do know that NIS has password storage "in the cloud" in that product also?
     
  6. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    You're probably right, TonyW, about encryption being adequate.
    I trust the cloud in other ways, so it's not a great big factor for me.
    I guess it boils down to "transit", and with KeePass, there is none... it stays on my HD.
     
  7. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    No auto form filling. :)
     
  8. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    No, I would never use any online service to store sensitive data, especially passwords, and Lastpass was hacked at least 2 times as far as I can remember.
    I prefer Keepass as well, a password manager is a necessity for me, since I find it hard to remember dozens of passwords with ~50 characters and symbols.

    Was your computer hacked with admin rights or did you use a browser extension?
     
  9. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    No. Never Trusted it.
     
  10. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    Altough I dont like the fact that my passwords are stored in the cloud I still use Lastpass as I need all my passwords synced with my mobilephone (android). I could use firefox sync but i guess LastPass is more secure. From what I read passwords get encrypted before they get uploaded to the cloud.. so even if they get hacked no one should be able to get your passwords.. but who knows how secure they really are :/

    I wished there was some way to setup things like LastPass and Dropbox but using my own webserver instead of theirs :S
     
  11. Spruce

    Spruce Registered Member

    Joined:
    Dec 18, 2010
    Posts:
    291
    Started using it not too long ago, very comfortable, but your comments here started to make me wonder if I can really trust storing my passwords in cloud or not o_O
     
  12. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    LastPass says that all passwords get encrypted before uploading to the cloud...not sure if we should trust them about that or not. and I think there never have been any passwords stolen from LastPass?
     
  13. joelastpass

    joelastpass Registered Member

    Joined:
    Feb 6, 2009
    Posts:
    4
    I'm obviously biased but to clear up some misconceptions -- putting your encrypted data into Dropbox is putting it into the cloud, in a similar manner to how LastPass works, except LastPass has never allowed anyone in the Internet to login to your account without a password, and LastPass encrypts your data locally with your master password so something like this can't happen with LastPass: http://www.eweek.com/c/a/Security/D...Off-Passwords-on-File-Storage-Service-655206/

    It's certainly worth having 3rd parties look into how things are done at LastPass, here's one: http://twit.tv/sn256

    If I can answer any questions let me know.
     
  14. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,635
    Location:
    UK
    I've not heard anything of that nature, but then if passwords are encrypted on your machine before reaching their servers, the info which may be obtained by whatever means is of no use to anyone unless you have a weak master password. That is where problems may arise I think.

    For more details of the breach that took place in May, read here.

    I believe programs like KeePass also encrypt the data locally; the only difference is that the info stored stays on your machine. You have to remember to do backups of that data in the event of hard drive failure or malware attack on the system.
     
  15. zakazak

    zakazak Registered Member

    Joined:
    Sep 20, 2010
    Posts:
    523
    I know about that attack on LastPass a few months ago.

    You can't compare Keepass with Lastpass? Lastpass will allow you to have your encrypted data/passwords from every computer.. whereever you are. As well as mobile phones are supported. Checkout LastPass on Android (i use the addon for the dolphinHD browser).. i know nothing comparable.
     
  16. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,115
    Yes, so I started this topic, that is if I stop using NIS, I have an alternative, but did not like the LastPass.

    My passwords are generated by KeePass, so I have no idea how they are. So I need an autofill program and wanted to hear opinions on the LastPass.

    Norton Identity Safe works incredibly well, fills the passwords of all my sites, etc.. Really very safe, also almost everything I type on my machine is encrypted by KeyScrambler Professional. I've been getting paranoid.
     
  17. guest

    guest Guest

  18. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    You, like many others, fail to mention that only users with weak passwords are truly affected. They basically got the encrypted database.

    Personally, I use it for all non-important websites.
     
  19. Spruce

    Spruce Registered Member

    Joined:
    Dec 18, 2010
    Posts:
    291
    I guess it's like, hey you can be run over next time you go out too :p
    Nothing is risk-free ;)
     
  20. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    No, only one I trust with my passwords is me (and KeePass).
     
  21. Technical

    Technical Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    471
    Location:
    Brazil
    Yes, I use it as my online password manager.
    I use KeePass as my offline password store.
     
  22. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Cannot trust anyone :D
    Not even my relatives with my pass (Dad, Mom, Bro etc)
     
  23. fsr

    fsr Registered Member

    Joined:
    Jul 26, 2010
    Posts:
    190
    Yes I do use it for +2 yrs now I think this is very handy addon - but I don't use it for ebanking
     
Loading...