Results 1 to 12 of 12
Thread: Has anyone used LastPass?
-
07-09-2010, 03:12 AM #1Web Hosting Master
- Join Date
- Aug 2004
- Location
- Earth
- Posts
- 8,154
Has anyone used LastPass?
Is anyone using LastPass? http://lastpass.com/
Looks like a great application that syncs with multiple browsers and even multiple smartphone platforms. Android, BlackBerry, iPhone and Chrome/Firefox.
Only thing that concerns me is that are the passwords stored on their database to sync?
All of your data is encrypted locally on your PC - only YOU can unlock it.
Any feedback on this?
-
07-09-2010, 03:17 AM #2Danananana Danananana Batman!
- Join Date
- Dec 2008
- Location
- Florida
- Posts
- 1,052
$1.00 a month that bills at $12/Year isn't really all that bad.
I've never heard of it although I did just read a few good reviews about it.Not sure what to put here :-P
-
07-09-2010, 09:12 AM #3Retired Moderator
- Join Date
- Nov 2002
- Location
- WebHostingTalk
- Posts
- 8,901
I think SWR recommended it to me some time ago... I use it... love it!
SiriusI support the Human Rights Campaign!
Moving to the Tampa, Florida area? Check out life in the suburbs in Trinity, Florida.
-
07-09-2010, 09:14 AM #4Web Hosting Master
- Join Date
- Nov 2009
- Location
- Colombia
- Posts
- 2,150
I use it with Firefox in all my PCs, it also supports like all browsers. I have free version. and yea, I LOVE IT too
█ Diego Rodríguez B. - https://diegorbaquero.com
█ Software Engineer @ Protocol Labs | Filecoin Saturn
-
07-09-2010, 10:19 AM #5Web Hosting Master
- Join Date
- Feb 2002
- Location
- Australia
- Posts
- 24,027
How can you store your master password to access your logins on their server? That's nuts. I use 1Password, across my laptop, iPad and iPhone. If I change or add a new login, it syncs up on all devices.
• WLVPN.com • NetProtect owned White Label VPN provider •
• Increase your hosting profits by adding VPN to your product line up •
-
07-09-2010, 10:40 AM #6Web Hosting Master
- Join Date
- Aug 2004
- Location
- Earth
- Posts
- 8,154
How can you store your master password to access your logins on their server? That's nuts.
-
07-09-2010, 10:49 AM #7Web Hosting Master
- Join Date
- Nov 2009
- Location
- Colombia
- Posts
- 2,150
Taken from their website:
LastPass is an evolved Host Proof hosted solution, which avoids the stated weakness of vulnerability to XSS as long as you're using the add-on. LastPass strongly believes in using local encryption, and locally created one way salted hashes to provide you with the best of both worlds for your sensitive information: Complete security, while still providing online accessibility and syncing capabilities. We've accomplished this by using 256-bit AES implemented in C++ and JavaScript (for the website) and exclusively encrypting and decrypting on your local PC. No one at LastPass can ever access your sensitive data. We've taken every step we can think of to ensure your security and privacy.
LastPass uses SSL exclusively for data transfer even though the vast majority of data you're sending is already encrypted with 256-bit AES and unusable to both LastPass and any party listening in to the network traffic -- the amount of data is trivial so the extra encryption doesn't hurt. Our policy of never receiving private data that you haven't already locked down with your LastPass master password (which we never receive and will never ask for) radically reduces attack vectors. We use firewalls and best practices to protect the servers and service, but our best line of defense is simply not having access to data even if someone got in. If LastPass can't access it, hackers can't either.█ Diego Rodríguez B. - https://diegorbaquero.com
█ Software Engineer @ Protocol Labs | Filecoin Saturn
-
07-09-2010, 12:20 PM #8Web Hosting Master
- Join Date
- Aug 2004
- Location
- Earth
- Posts
- 8,154
According to http://www.pcmag.com/article2/0,2817,2343565,00.asp
The encrypted files are stored on their servers online. And the only way to ever decrypt them would be with your master password, even they can't access your data without the master password so if you lose that you're pretty much going to have to start over.
But how secure does that make you feel?
-
07-09-2010, 12:25 PM #9Web Hosting Master
- Join Date
- Nov 2009
- Location
- Colombia
- Posts
- 2,150
I've never forgot my master password, I doubt someone would.
Try packet sniffing all you want, and try to get your own data. Good luck█ Diego Rodríguez B. - https://diegorbaquero.com
█ Software Engineer @ Protocol Labs | Filecoin Saturn
-
07-09-2010, 03:00 PM #10New Member
- Join Date
- Jul 2010
- Posts
- 2
This is no longer the case, LastPass came up with a way to allow account recovery while maintaining our security stance of never having access to your data at LastPass: Account Recovery via a disable locally stored one time password. I can't link the URL to it since I'm new here.
-
07-09-2010, 03:05 PM #11Web Hosting Master
- Join Date
- Aug 2004
- Location
- Earth
- Posts
- 8,154
Nice to see a lastpass representative come here to respond to our questions
-
07-09-2010, 04:07 PM #12New Member
- Join Date
- Jul 2010
- Posts
- 2