Anyone can put anything up online talking about how secure they are. Do they have regular third party audits? Open source code? Why not? Those should be your first red flags right there. Do they decrypt for any reason? How do you know they don't? What about for legal reasons? What exactly happens in such a case? Just because a system or service utilizes encryption doesn't mean they are 100% secure. Weak points exist, even if it is a human, or unscrupulous business practices, or when data is in transit. There are many weak points within any system - and hackers aren't going after the strongest point of defense. How do you suppose to crack LastPass encrypted vault 5,000 rounds of PBKDF2-SHA256 key with a salt of 100,000 rounds? So, the solution is to encrypt it with Free and Open Source Software (so that we can see the source code to be sure that it really DOES encrypt our data safely), and KeepassXC is such a software. LastPass' Android app already has 3rd party trackers. anyone can make anything and claim to be something else. Or, anyone can make an app that sends passwords encrypted with the companies' public key (so that the company can read them), or. We just don't know.įor example, anyone can make a closed source app storing passwords with something like truncated md5pass / 56 bit RC4, and claim it uses Argon2 / SHA3-512 / AES-256 + Twofish. We don't know what is inside LastPass (it is NOT open-source). Browser's form autofill feature is a real danger for passwords leak and how many people have it disabled? How do you suppose to crack LastPass encrypted vault 5,000 rounds of PBKDF2-SHA256 key with a salt of 100,000 rounds? Please remember, LastPass never has access to your master password. The major thing I did NOT like about Keepass XC, was the fact it did not reside in the 'cloud', because I use LastPass on several PCs, different versions of Linux Mint, a lot of them experiments loaded into VirtualBox and I want LastPass to work there too.Īnd then, when I go to bed, my bedside laptop wouldn't know what the latest passwords are now.įor me, it was fraught with way too much trouble to keep everything sync'd up.Īnd, which PC had the latest copy of that new password?Īnd it works with Win10 ( sigh ) and anywhere I might be.īear in mind the risks of entrusting your passwords to a supposedly "trustworthy company" online. I tried Keepass XC several years ago, but it felt clumsy, or awkward, or I just didn't like how it worked?ĭon't remember now, I wake up to a new world every morning. I decided to go back to the way I had it before, let Firefox remember certain logins, and keep the database itself Encrypted. So, when FF was booted on a different IP, it did not know what the password was to invoke LastPass. Unfortunately, I had forgotten to exclude LastPass as being a cookie that gets tossed away. I had decided to change how FF handles cookies and passwords, and just rely on LastPass to handle things. I realize, and LastPass email messages make it quite clear, they think I am being hacked, so they block the new login from a strange IP address.Īnyone else have similar issues with their online password managers ? It continues to work just fine, until I switch back to T-Mobile and then I get in trouble again. I have just switched over to my Verizon MiFi to verify who I am, and get my password for LastPass sync'd up again. Sometimes it works, but more often it does not. So, I have to go to my email and verify that it was me, and then try to login to Lastpass again. Now, when TM changes my IP address, LastPass blocks me from doing an AutoLogin via Firefox using it as a Password Manager. I have been using LastPass for many years, normally without any problems at all,īUT, I have just come to realize that was probably because I have always had a Dedicated IP address previous to changing my ISP over to T-Mobile Wireless.īecause they give me 100gB for $50/month: Verizon is astronomically unaffordable and has a 30gB max/month plan, no Unlimited LTE at all.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |