Results 1 to 17 of 17

Thread: Lastpass - A good solution to the password dilemma

  1. #1
    Administrator
    admin's Avatar
    Join Date
    Jan 2008
    Location
    Victoria
    Age
    56
    Posts
    31,150
    Thanks
    2,238
    Thanked 13,731 Times in 5,823 Posts
    Rep Power
    4552
    Reputation
    165805

    Default Lastpass - A good solution to the password dilemma

    If you hate having to remember passwords, you are not alone as most people are the same and many use very basic passwords because they cant remember anything too long. Obviously not very good from a security perspective.

    Lastpass solves that problem and even better it does it for free.

    On a PC, you sign up for an account and download their software. Whenever you visit a page where you have to login, as soon as you have logged in lastpass will ask if you want to remember it. You click yes. Whenever you return to that page, it will have filled out the login info for you. The only password you have to remember is the master password that you set on your lastpass account....thats it.

    It can also auto generate a safe password for you......basically you can change the password for all your accounts to a long complicated password and not have to remember it because lastpass remembers it for you.

    I am pretty good with passwords, but many sites are now demanding longer passwords that must have upper and lowercase letters along with other symbols that make things impossible to remember. Because of this, I am now a lastpass user.
    It also has apps for mobile devices.



    lastpass.com

  2. The Following 2 Users Say Thank You to admin For This Useful Post:

    mkhannah (17-01-19),OSIRUS (28-01-19)



Look Here ->
  • #2
    LSemmens
    lsemmens's Avatar
    Join Date
    Dec 2011
    Location
    Rural South OZ
    Posts
    10,585
    Thanks
    11,867
    Thanked 7,061 Times in 3,338 Posts
    Rep Power
    3153
    Reputation
    132592

    Default

    Firefox and, I'm certain, others, also remember passwords for most sites. The only one's I never ask it to remember are those attached to my money.
    I'm out of my mind, but feel free to leave a message...

  • The Following User Says Thank You to lsemmens For This Useful Post:

    irritant (24-01-19)

  • #3
    Administrator
    admin's Avatar
    Join Date
    Jan 2008
    Location
    Victoria
    Age
    56
    Posts
    31,150
    Thanks
    2,238
    Thanked 13,731 Times in 5,823 Posts
    Rep Power
    4552
    Reputation
    165805

    Default

    Quote Originally Posted by lsemmens View Post
    Firefox and, I'm certain, others, also remember passwords for most sites. The only one's I never ask it to remember are those attached to my money.
    They all do (including Chrome which I use), but as far as I am concerned they don't do it reliably enough to put 100% faith in them, particularly across multiple devices. See what happens when you need to clear your browser files er...oooppps !

  • #4
    Senior Member

    Join Date
    Dec 2011
    Location
    Tasmania
    Posts
    869
    Thanks
    1,485
    Thanked 956 Times in 416 Posts
    Rep Power
    544
    Reputation
    18321

    Default

    The thing with LastPass is that I don’t like my passwords being stored “in the cloud” (i.e. on somebody else’s computer) and can see that I’d need to pay for a subscription to do some of things I need to do. There’s also a bit of a history with that company offering things for free, then changing the rules so you have to pay for them.

    I’m happily using the open source / free KeePass. It’s not perfect, but at least I’m in control of where my passwords are stored. It also lets me add custom fields - useful for router SNMP community strings and things that don’t strictly fit into a normal password manager.
    Last edited by shred; 28-01-19 at 08:53 AM.

  • The Following 2 Users Say Thank You to shred For This Useful Post:

    gordonwh40 (28-01-19),tristen (28-01-19)

  • #5
    Junior Member
    Join Date
    Dec 2008
    Location
    New Zealand
    Posts
    118
    Thanks
    62
    Thanked 35 Times in 28 Posts
    Rep Power
    200
    Reputation
    555

    Default

    I’m happily using the open source / free KeePass. It’s not perfect,[/QUOTE]

    I would be concerned that it might talk back to the writer of the software with all your information

  • #6
    Senior Member

    Join Date
    Dec 2011
    Location
    Tasmania
    Posts
    869
    Thanks
    1,485
    Thanked 956 Times in 416 Posts
    Rep Power
    544
    Reputation
    18321

    Default

    Quote Originally Posted by iannic52 View Post
    I would be concerned that it might talk back to the writer of the software with all your information
    That's a valid concern and the argument over "open source vs proprietary" password management / security software is pretty much a religious debate.

    With open source, anyone can contribute a change - including a potentially dodgy modification. But anyone can view the source to verify that it has no back doors and hasn't been compromised.

    With a proprietary software product, you trust that the business creating it is keeping it secure and doing the right thing and that none of their developers does the wrong thing. Nobody outside that company can critique the source code and there are constant rumours of government authorities inserting back doors in commercial encryption systems.

    There's more to it than this, but people can put forward very persuasive arguments for and against each approach.

  • #7
    Senior Member
    fandtm666's Avatar
    Join Date
    Jan 2008
    Posts
    5,502
    Thanks
    244
    Thanked 990 Times in 465 Posts
    Rep Power
    1189
    Reputation
    40447

    Default

    i just use chrome pass portable on a usb stick
    when i add a new site and pass i just back up the new file
    to my usb and i can unplug and put it away till i need it.

    I personally just dont like the cloud stuff.

  • The Following User Says Thank You to fandtm666 For This Useful Post:

    tristen (28-01-19)

  • #8
    Administrator
    admin's Avatar
    Join Date
    Jan 2008
    Location
    Victoria
    Age
    56
    Posts
    31,150
    Thanks
    2,238
    Thanked 13,731 Times in 5,823 Posts
    Rep Power
    4552
    Reputation
    165805

    Default

    I generally find the cloud arguments amusing, particularly on a technology site. The entire internet is on a cloud, its called a server......including the website you are typing on and your password to boot.

    Realistically, if you are scared of cloud computing, you shouldn't be on the internet.

    Quote Originally Posted by Lastpass
    We’ve implemented AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to ensure complete security in the cloud. You’ll create an account with an email address and a strong master password to locally-generate a unique encryption key. Your data is encrypted and decrypted at the device level. Data stored in your vault is kept secret, even from LastPass. Your master password, and the keys used to encrypt and decrypt data, are never sent to LastPass’ servers, and are never accessible by LastPass.
    In a nutshell, you could swipe all the passwords and all you are going to get is.......nothing.

    Here's Microsoft's definition of the Cloud :

    The cloud is not a physical entity, but instead is a vast network of remote servers around the globe which are linked together and meant to operate as a single ecosystem. These servers are designed to either store and manage data, run applications or deliver content or a service such as streaming videos, web email, office productivity software or social media. Instead of accessing files and data from a local or personal computer, you are accessing them online from any Internet-capable device – the information will be available wherever you go and whenever you need it.
    Its is a bit of a giggle that people say they wont use "the cloud" when they in fact do it every day....and type passwords in to it. Youtube, email, social media etc etc etc.

    I can remember when web based email was the tin foil hat go to for "cloud" scares. "They can read your email", "The Government tracks all your movements", "The cat is pregnant and I am sure its a result of the Cloud". Here I am with 9 years worth of email in Gmail and no problems.

    I can remember when I posted about and reviewed cloud services for files and photos such as Google Drive, Dropbox etc. Here is a photo I took as I used a secret cloud based video camera to take some snaps of you all :





    In 20 odd years of going against what every alcoa foil bulk buyer has told me, I have had zero cloud problems If I had some of the hangups I read about, I wouldn't use the internet period. Actually when I think of it, the only true instances I have read of "cloud hacking" involve one simple process.......guessing easy passwords. Its no surprise at all that Apple's "iCloud" is the one that's constantly "hacked" ( a very loose term as password guessing is not hacking). Apple users, well lets just say that Apple has a higher than average incidence of having customers that are of below average intelligence and having ABC123 does usually get you caught out.


    So the great irony of course is that Cloud hacking (again loose term) happens because people use easy to guess passwords. And a password manager like this stops it.

  • #9
    Senior Member

    Join Date
    Jul 2010
    Location
    Sydney
    Posts
    1,703
    Thanks
    227
    Thanked 1,112 Times in 571 Posts
    Rep Power
    637
    Reputation
    20724

    Default

    Quote Originally Posted by admin View Post
    IIn a nutshell, you could swipe all the passwords and all you are going to get is.......nothing.
    The difference being, if someone gained access to your ‘cloud’ password and account, they would have access to _all_ of your usernames and passwords for _all_ your accounts that you have stored. That is a somewhat legitimate concern for having all ones passwords stored online.

  • #10
    Senior Member

    Join Date
    Dec 2011
    Location
    Tasmania
    Posts
    869
    Thanks
    1,485
    Thanked 956 Times in 416 Posts
    Rep Power
    544
    Reputation
    18321

    Default

    There are two things in IT that you should never outsource: one is security and the other is backups. When you migrate your data to "the cloud", you are outsourcing both.

    Cloud providers always have an "all care taken, but no responsibility" clause in the contract that you sign when you entrust your data to them. They undertake to do their best to keep your data safe, but if they lose it, it's always a case of "how sad, too bad". There have been many documented cases of people suddenly losing all access to their cloud hosted data - sometimes through something as simple as the cloud provider going broke. It has happened many times in the past and it will continue to happen in the future as the cloud market matures. I really, really don't fancy having to go around resetting every one of my online passwords.

  • The Following 3 Users Say Thank You to shred For This Useful Post:

    Skepticist (30-01-19),tristen (31-01-19),Uncle Fester (01-02-19)

  • #11
    LSemmens
    lsemmens's Avatar
    Join Date
    Dec 2011
    Location
    Rural South OZ
    Posts
    10,585
    Thanks
    11,867
    Thanked 7,061 Times in 3,338 Posts
    Rep Power
    3153
    Reputation
    132592

    Default

    Quote Originally Posted by admin View Post

    I can remember when I posted about and reviewed cloud services for files and photos such as Google Drive, Dropbox etc. Here is a photo I took as I used a secret cloud based video camera to take some snaps of you all :

    Hey! I Resemble that remark!
    I'm out of my mind, but feel free to leave a message...

  • #12
    Premium Member
    Skepticist's Avatar
    Join Date
    Apr 2009
    Posts
    1,139
    Thanks
    714
    Thanked 670 Times in 525 Posts
    Rep Power
    475
    Reputation
    12780

    Default

    I've been using Steganos Locknote for a long time to store such sensitive data in the form of a simple text file securely. The encryption is AES 256 but the security is further enhanced by only keeping the encrypted file on local storage, never in the 'cloud'. If required, I can simply take a copy of the file with me on a USB stick or SD card and open it on any PC (Win or Linux with Wine). Must look into whether it can be run on Android sometime.

  • #13
    Senior Member
    Uncle Fester's Avatar
    Join Date
    Jan 2008
    Location
    Commonly found in a pantry or the bottom of a fridge, searching for grains, fermented or distilled
    Posts
    6,405
    Thanks
    2,289
    Thanked 4,414 Times in 2,517 Posts
    Rep Power
    2046
    Reputation
    81778

    Default

    Quote Originally Posted by admin View Post
    I generally find the cloud arguments amusing, particularly on a technology site. The entire internet is on a cloud, its called a server......including the website you are typing on and your password to boot.

    Realistically, if you are scared of cloud computing, you shouldn't be on the internet.


    Because this is a technology site you should expect that there people here who don't just believe everything they read on the Internet and are critical of certain claims about security and do their own research in order to use the Internet wisely.

    Some things are safer kept offline.
    Many things are safer using individual passwords(that are recorded offline).
    ...and trying to memorise as much as possible is a good way to delay dementia in later life

    It all comes down to what you need to do. Obviously just for keeping photos and music, clouds are perfectly fine and can be useful.

    You don't keep your house 24/7 unlocked ... or do you?
    An single online/app password solution for all your privacy needs is like keeping your house key under the door mat.
    Last edited by Uncle Fester; 01-02-19 at 10:10 AM.
    Update: A deletion of features that work well and ain't broke but are deemed outdated in order to add things that are up to date and broken.
    Compatibility: A word soon to be deleted from our dictionaries as it is outdated.
    Humans: Entities that are not only outdated but broken... AI-self-learning-update-error...terminate...terminate...

  • The Following 3 Users Say Thank You to Uncle Fester For This Useful Post:

    enf (05-03-19),Skepticist (01-02-19),tristen (01-02-19)

  • #14
    LSemmens
    lsemmens's Avatar
    Join Date
    Dec 2011
    Location
    Rural South OZ
    Posts
    10,585
    Thanks
    11,867
    Thanked 7,061 Times in 3,338 Posts
    Rep Power
    3153
    Reputation
    132592

    Default

    Quote Originally Posted by nomeat View Post
    keeping your house key under the door mat.
    What's wrong with that? If it isn't kept there, I'd never find it!
    I'm out of my mind, but feel free to leave a message...

  • #15
    Premium Member

    Join Date
    Jan 2008
    Posts
    4,311
    Thanks
    5,982
    Thanked 4,171 Times in 1,771 Posts
    Rep Power
    1348
    Reputation
    50392

    Default

    Quote Originally Posted by lsemmens View Post
    What's wrong with that? If it isn't kept there, I'd never find it!
    An attempt at humour but without relevance to the discussion.

  • #16
    LSemmens
    lsemmens's Avatar
    Join Date
    Dec 2011
    Location
    Rural South OZ
    Posts
    10,585
    Thanks
    11,867
    Thanked 7,061 Times in 3,338 Posts
    Rep Power
    3153
    Reputation
    132592

    Default

    if you look back through all the posts, tristen, there were quite a few attempts at humour, none of which were relevant. S, what's your point.

    I keep all of my critical stuff somewhere on one of my computers, good luck finding it though, among the many thousands of files stored there. And, yes, I do know which file it is in, and you'll not find anything in it that is of use to you.
    I'm out of my mind, but feel free to leave a message...

  • #17
    Premium Member

    Join Date
    Jan 2008
    Posts
    4,311
    Thanks
    5,982
    Thanked 4,171 Times in 1,771 Posts
    Rep Power
    1348
    Reputation
    50392

    Default

    Quote Originally Posted by lsemmens View Post
    if you look back through all the posts, tristen, there were quite a few attempts at humour, none of which were relevant....
    I know.

    I keep all of my critical stuff somewhere on one of my computers, good luck finding it though, among the many thousands of files stored there. And, yes, I do know which file it is in, and you'll not find anything in it that is of use to you.

  • Bookmarks

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •