Comments on: Would LastPass Stand Up to a Password Cracker?

By: Evan Kline

Evan Kline — Tue, 13 Jul 2010 13:12:52 +0000

I think that is a good point in general, with information stored in the cloud. Online data (for example, in Google Docs) is probably more secure than the average user’s PC sitting in his or her home.

By: gggirlgeek

gggirlgeek — Tue, 13 Jul 2010 03:19:28 +0000

I seem to be the only one in the world who actually feels more secure saving my passwords on a server INSTEAD of my computer. I came to Lastpass after using some general system info software and seeing how easily it found the passwords “hidden” on my computer. I am much more nervous about my smartphone or computer being stolen, and hacked, than worrying about whether someone can hack a remote server with 256 bit encryption.

It is sooooo easy to dump the contents of a hard drive and scan the insecure text files for passwords. Trying to crack encrypted messages over the internet, not so much.

So now, if my phone or computer is stolen, all I have to do is log on to Lastpass, change my password, and send my phone a text message to reformat everything (using F-secure or Kapersky) Easy as pie!

I’m a Lastpass Firefox addon fan. That’s all I use.

By: Miguel Febres

Miguel Febres — Fri, 07 May 2010 16:41:54 +0000

You can use the following script to test the security of your keepass database: http://www.q-protex.com/software/password-recovery/keepass-self-bruteforce

By: Miguel Febres

Miguel Febres — Fri, 07 May 2010 16:41:16 +0000

You can use the following script to test the security of your truecrypt container: http://www.q-protex.com/software/password-recovery/truecrypt-self-bruteforce

By: Evan Kline

Evan Kline — Sat, 27 Mar 2010 00:10:22 +0000

That’s a great way to use it. I’ll have to look into the grid or the YubiKey, and keep in my mind how you’re doing it.

By: Quoc-Huy

Quoc-Huy — Fri, 26 Mar 2010 23:36:57 +0000

A friend of mine suggested me to use 1password but I felt in love with LastPass as I can use it securely on any computer not just mine. I can setup a portable Firefox/Chrome with LastPass add-on.
The free version allowed me to use a grid as 2nd factor auth, but I’m now using YubiKey. All my online accounts are now 20 characters long and my master password very secure but memorable so is my main email account just in case I need to disable the 2nd factor auth if I lose my YubiKey (should get another one).

By: Sue

Sue — Mon, 14 Sep 2009 19:57:22 +0000

Yubikey, and now UmiKey, has been long supported by MashedLife.com. Definitely that's the way to go!

By: Evan

Evan — Fri, 11 Sep 2009 14:48:30 +0000

I'm a fairly recent convert to password managers myself. Now that I see how easy LastPass is, I wish I had used it sooner. LastPass does allow you to set up a password hint. I set one up that would only make sense to me, to tell me what all the giberish that makes up my password means.

By: miscbytes

miscbytes — Fri, 11 Sep 2009 03:54:20 +0000

I haven't used a password manager yet. I'm not sure why – probably the fear that I'd forget that master password. For now I'm just doing it the old fashioned way, using long, complex passwords and changing them up now and then.

By: Evan

Evan — Thu, 10 Sep 2009 20:09:54 +0000

I'm not too familiar with 1password (I have the iPhone version, but haven't really used it), but I imagine it is pretty similar. Social engineering is a big danger. I think that just comes down to users being aware of what they're doing.