Jump to content
bachya

LP Vault Manager: A Workflow for LastPass

Recommended Posts

FWIW, I was looking into the security of Lastpass (and others) last night.

 

It seems that the password used to log into the online service is derived from your master password in such a stupid way as to make your master password hundreds of times easier to crack than an offline-only copy of your database would be.

 

They also do some rather questionable things, like storing known, encrypted text in the database, which also makes cracking your master password much simpler than it would otherwise be. And ironically, the known text in question is "lastpass rocks"…

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...