![]() ![]() * The authenticator at the time required SMS recovery, which I feel is a security risk. * The hardware key 2FA is just OTP and not the stronger fido/u2f. The following are stuff that I did not like: ![]() * They had some sort of family plan that I didn't make use of but was somewhat unique to lastpass. A lot of other password manager do not allow this out of security reasons. * Last Pass has a password recovery feature that supposedly allow you to recover your master password securely. Keep in mind that ip location can be spoofed. * You can setup geo locking, preventing hackers from other countries from accessing your vault. * You can setup secure note to prompt you for the master password if you open the entry. The following feature are more unique to Last Pass A short review of the paid version.įeatures that are common to most Cloud based password managers The reason was not due to the security breach but the sharp increase in price from $10 to $36 a year without adding much functionality nor fixing some of the bugs. I can tell you that the process of moving from LastPass to Bitwarden was almost completely painless for everyone in my family who went through it, including my 80yo mother. I moved myself and my family to Bitwarden, but there are plenty of other good alternatives such as 1Password. Honestly, there's no good reason today in 2023 to continue with LastPass. No more they lost my trust when they had not one, but TWO breaches in the past 12 months, which allowed hackers to make off with their crown jewels: your password files, which, due to LastPass's poor design, only encrypted the username/password, but LEAKED metadata such as urls, which makes it easier to target victims with phishing URLs. I'm a former IT professional with 30+ years of security experience, and I used to sing LastPass's praises to friends and family. Or if that's too strong a word, then at least "extreme sloppiness". LastPass's breach was due to, IMHO, negligence. I've always felt that it is just a matter of time before all password managers are hacked. Of course, I changed *all* my passwords, starting with the important financial ones first eventually getting to and the like. So, I switched to BitWarden earlier this year and couldn't be happier with them. LP's lack of candor in their disclosures (putting it mildly or weasely-worded CYA legal language to be blunt) caused me to lose all trust and faith in them. But these days, with so many sites requiring passwords, I don't even bother and just use the search tool at the top of their app to quickly locate the information I'm after. LastPass made it easy to do and was pretty painless, the entire reason I signed up for a password manager to begin with.īack when I started, I had everything organized by category in LastPass. When LastPass was hacked, even though my data supposedly wasn't affected according to them, I just went through and switched all my passwords. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |