Password managers

Subject: Password managers Fri Aug 04, 2017 8:26 am

Any views please on Last Pass?

Subject: Re: Password managers Fri Aug 04, 2017 9:41 am

I've been using LastPass for a number of years. I read all the warnings about Cloud password managers but I haven't had any trouble with LastPass. There was one occasion when users were asked to change their master passwords because of a suspected security hack attempt but I think this was only a danger to those who had master passwords such as 'fido' or 'hellomum'.

Also, there's a chap called Tavis Ormandy who works for Google as a security hole finder. He found a couple of potentially exploitable holes in LastPass. He informed the company about them and the holes were quickly patched.

I suppose you have to weigh up any risks with using Cloud password managers with the convenience of use ..and LastPass does make logging into sites easy. As regards risks, the encryption key is not stored at the LastPass servers but on your own computer. All in all, I reckon that as long as you have a strong master password, LastPass is pretty safe. Have something like this maybe:

\9vh9ECif3jrD/12ghtP

..and keep it in a Notepad file somewhere so it can be copy/pasted into the password field if needs be.

As a precaution, I don't use LastPass for storing the login details or card numbers for our bank site or PayPal login. Probably could do but I just prefer to copy/paste these in as required from a notepad file buried deep in the computer system.

Subject: Re: Password managers Fri Aug 04, 2017 9:55 am

Many thanks for the info, I will give it a lot of thought before committing myself. As regards banking, Eset now have a banking security set up as part of their security suite, and when I try to log on the security comes into action and opens a safe browser.

https://www.youtube.com/watch?v=qIHRth8-kJI

Subject: Re: Password managers Fri Aug 04, 2017 10:13 am

Mart wrote:: As a precaution, I don't use LastPass for storing the login details or card numbers for our bank site or PayPal login. Probably could do but I just prefer to copy/paste these in as required from a notepad file buried deep in the computer system.

Don't forget to remove it from your 'copy/paste' system though batman

Subject: Re: Password managers Fri Aug 04, 2017 10:25 am

A good point Malcolm. I do this but forgot to mention it. After pasting, I copy just one character (letter or number) to the clipboard to overwrite anything that's on it.

I've just been reading a page about LastPass. They have a free and paid version. LastPass was acquired by a company called LogMeIn a while ago and that sort of thing usually means a change of free usage. It doesn't seem as if the changes would affect a home user with the free version but still worth knowing about maybe:

https://www.neowin.net/news/lastpass-doubles-price-of-its-premium-plan-removes-features-from-its-free-service-tier

» Website Password Frustration