Page 4 of 8 FirstFirst ... 2 3 4 5 6 ... LastLast
Results 31 to 40 of 80

Thread: LastPass is brilliant!

  1. #31
    Bargain Hunter mottamort's Avatar
    Join Date
    Aug 2013
    Location
    East London
    Posts
    3,470

    Default

    Quote Originally Posted by Wyzak View Post
    Not if you use the alternatives that I suggested. You have now provided all of your passwords to a third party that you don't know anything about in clear text- that's the CIA/NSA's wet dream. Rule nr 1 of passwords is don't give them to anybody else.

    Heck, I guess I'm just paranoid, but I don't save any passwords. I type them all in manually.

    Have you ever been a victim of hacking? I haven't.



    The nude photo hacks were a combination of a failure on Apple's side to provide one of the most basic items of password security (limited number of attempts) and also passwords that were too simple. Have you ever been hacked?

    It's all good and well that they claim that, but do you know anything of that as a matter of fact? The only way you could know that is if you write it yourself from scratch without using any third party libraries. I'd rather print all of my my passwords on a piece of paper and store it in my safe, than put it on a website. Heck even notepad on your desktop is better if your PC is secure.
    As far as I know the statistic is still true that the safest is to write down your password and keep it safe physically. At some point there used to be paranoia and it was "bad practice" to do this, but seriously, which person breaking into your house is not only going to take/read something like that, but see it beyond anything other than chicken-scratching...
    My source for this info is QI

    While lastpass does intrigue me, I get turned off at the very mention of "cloud-based".

  2. #32
    Thread Killer Mk VIII czc's Avatar
    Join Date
    May 2010
    Location
    Between Kensington and The Vale
    Posts
    15,723

    Default

    Quote Originally Posted by mottamort View Post
    As far as I know the statistic is still true that the safest is to write down your password and keep it safe physically. At some point there used to be paranoia and it was "bad practice" to do this, but seriously, which person breaking into your house is not only going to take/read something like that, but see it beyond anything other than chicken-scratching...
    My source for this info is QI

    While lastpass does intrigue me, I get turned off at the very mention of "cloud-based".
    I think the "bad practice" came from office works writing their password on a post-it and sticking it to the side of the monitor.
    T A N S T A A F L

  3. #33
    Bargain Hunter mottamort's Avatar
    Join Date
    Aug 2013
    Location
    East London
    Posts
    3,470

    Default

    Quote Originally Posted by czc View Post
    I think the "bad practice" came from office works writing their password on a post-it and sticking it to the side of the monitor.
    This still happens unfortunately. Too many places I visit have exactly what you're talking about, although it does make my life a LITTLE easier if I need access to that machine and they're not around hehehe...

  4. #34
    mk786's Avatar
    Join Date
    Sep 2012
    Location
    Johannesburg
    Posts
    1,162

    Default

    I've been using last pass and xmarks combo for years. Best ever!

  5. #35

    Default

    Nice find, but not for me. I'm with Wyzak on this one...sort of

    I've got a truecrypt volume with a nice big fat text file in it. TrueCrypt is protected by a loooooong ass passphrase.

    Keep copies on multiple sources so if I loose one, I still have backups.

    and yes, I have heard about TrueCrypt not being that secure, so I might move to something else later.

    EDIT: And I use two factor authentication where ever avialable, GMail, STEAK, Origin, etc
    Last edited by VirtualForce; 11-09-2014 at 11:29 AM.

  6. #36

    Default

    Quote Originally Posted by Crzwaco View Post
    Have not been hacked.

  7. #37
    Hiro's Avatar
    Join Date
    May 2009
    Location
    Johannesburg
    Posts
    2,741

    Default

    Quote Originally Posted by VirtualForce View Post

    EDIT: And I use two factor authentication where ever avialable, GMail, STEAK, Origin, etc
    I think that 2 factor authentication on your STEAK is overkill

  8. #38

    Default

    Quote Originally Posted by Wyzak View Post
    You have now provided all of your passwords to a third party that you don't know anything about in clear text- that's the CIA/NSA's wet dream. Rule nr 1 of passwords is don't give them to anybody else.
    You have a point about not giving your passwords out, but I don't think the CIA or NSA would even need to collect passwords to access someone's account anyway. They'd just demand to get in and the company the account is administered by would have no choice but to comply or face the consequences. So whether you save them with LastPass or not is irrelevant. If they want in, they'll get in. There's nothing you can do about that.

    I don't provide all of my passwords to LastPass in any case. I keep the most important ones, like anything financial, out. Most of the passwords are just for forums and what I consider to be low level accounts, so it's fairly low risk.

    If accounts I have are protected by some form of MFA, then I usually don't bother storing them with LastPass.

    Quote Originally Posted by Wyzak View Post
    Have you ever been a victim of hacking? I haven't.
    Quote Originally Posted by Crzwaco View Post
    Have not been hacked.
    You haven't been hacked yet, or not as far as you know, anyway.

    Things to remember with LastPass: passwords are encrypted and decrypted locally, so as Lifehacker stated in their reply, if LastPass were to be compromised, the passwords would be useless without the master password which LastPass doesn't store, and you should change it immediately if you learn that LastPass has been compromised in some fashion.

    If someone tried to get into your account and they know your email and master password and/or security email, you should be using MFA, like the LastPass grid or Google Authenticator, or upgrade to LastPass Premium so you can use one of the other devices LastPass will work with. You can even use the virtual keyboard when signing in to LastPass to reduce the chances of your master password being captured by a keylogger.
    Last edited by MissileToe; 11-09-2014 at 12:16 PM.

  9. #39

    Default

    Quote Originally Posted by MissileToe View Post
    You have a point about not giving your passwords out, but I don't think the CIA or NSA would even need to collect passwords to access someone's account anyway. They'd just demand to get in and the company the account is administered by would have no choice but to comply or face the consequences. So whether you save them with LastPass or not is irrelevant. If they want in, they'll get in. There's nothing you can do about that.
    Assuming that the CIA or NSA have backdoors yes, but if they don't on the actual providers, they might well have with LastPass. You are opening up another door which is firmly shut otherwise.

    Quote Originally Posted by MissileToe View Post
    You haven't been hacked yet, or not as far as you know, anyway.
    Yeah there is always that possibility, but no actions have been taken and nothing of value has disappeared inexplicably.

    Quote Originally Posted by MissileToe View Post
    Things to remember with LastPass: passwords are encrypted and decrypted locally, so as Lifehacker stated in their reply to that letter, if LastPass were to be compromised, the passwords would be useless without the master password, which you should change immediately if you learn that LastPass has been compromised in some fashion.
    That's what they say anyway, whether that truly is the case you will never know. At least not until they confirm a hack or you realize that you've been hacked and they were the only custodians.
    When an anti-piracy method is affecting the game for people who legitimately bought it and causing other people not to buy the game, there is obviously something wrong with it!

  10. #40

    Default

    Quote Originally Posted by Lycanthrope View Post
    The only time I have a password shorter than 100-characters is when the site the password is for itself limits it.
    Yes, it's annoying when websites do that. I have an account on a website where I was once allowed to have as many characters as I wanted, and then they lowered it to a 12 character limit and you now have to use letters and numbers only (no special characters allowed). I know I'm right in saying that this wasn't the case before because I can view the password history for the account in LastPass.

    I don't go for 100 character passwords though. I would tend to agree with Hiro who claims that's a bit overkill, but I do think however one should have passwords with more than 10.

    If you don't like the idea of storing your passwords in the cloud, there are alternatives, like the awesome KeePass. These keep your data out of the cloud, but make it more difficult to access your passwords on anything but your main computer—which is a huge blow to convenience. Unless, of course, you sync them with Dropbox, which defeats the whole purpose of using a local password manager. And remember, if someone has physical access to your computer, they can still get your password database that way.
    I considered using KeePass, but there is the issue of it not being very compatible with browsers, like LastPass is, which does mean points off for convenience. But there is another reason on top of that: it's because KeePass downloads seem to be hosted on Sourceforge, and I don't touch Sourceforge nowadays after they were exposed for bundling spyware with some of their downloads. Don't know if this applies to the KeePass download, but if it does, that's pretty bad. Just think: you imagine you're protecting your accounts and yet when you install the program you could potentially be compromising your PC and by extension your accounts as well.

Similar Threads

  1. Brilliant Perfume ad
    By Maplassie in forum Off Topic
    Replies: 11
    Last Post: 21-11-2012, 08:57 PM
  2. Doom3 BFG edition is brilliant!!
    By vetbeer in forum Gaming Discussions
    Replies: 17
    Last Post: 09-11-2012, 11:25 AM
  3. Catherine - PS3 - Brilliant game!
    By Ice2Cool in forum Gaming Discussions
    Replies: 8
    Last Post: 09-05-2012, 06:03 PM
  4. Max Payne 3 is effing brilliant says Remedy
    By James in forum Gaming News Articles
    Replies: 0
    Last Post: 10-04-2012, 12:49 PM
  5. Jeremy Clarkson Remix. BRILLIANT
    By Hiro in forum Off Topic
    Replies: 4
    Last Post: 11-08-2009, 08:21 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •