Password manager LastPass has announced that they are letting their Free users sync their passwords across all devices – desktop, laptop, tablet, or smartphone. Mac or PC. Android or iOS. There will still be ads for Free users, and other features will remain available only to paid Premium users ($1 a month). Still, anyone can now store all their passwords in the cloud for free. I must use my password manager over 100 times a week as it allows me to have a unique, complex password for every single website. Perhaps this move is partially due to iCloud keychain being free for Apple users?
In case you were wondering, it was LastPass that was hacked last year, although it doesn’t appear any master passwords were directly exposed. This serves as a reminder that cloud sync is convenient, but comes with its own set of security concerns. LastPass also offers multi-factor authentication for additional security, which again you’ll have to weigh against convenience issues.
See also: 10-Minute Digital Privacy Tuneup from Consumer Reports
My preference is KeePass. I will accept the extra work to avoid having my passwords on the cloud. I also choose to use Quicken because I don’t want my passwords on the cloud. At least not all in one place.
I try to limit my access to financial sites to my laptop. So, syncing is not an issue. I do not store the database on my laptop and the key file and program are stored on a separate usb drive. Backup for database and key file are in a safety deposit box.
abc, you have a valid argument, keeping away from cloud. What do you use when you’re away from your computer/if you don’t have one handy? Library, w/ your thumb drives? It’s risky. How do you access your passwords on the road?
Laptop works fine on the road. Keep database on one usb, and program and key file on second usb. I carry one drive and my wife carries the other drive when traveling. The only computers other than mine that I use are my kids’ computers when visiting their homes. With Quicken, it is easy to plan ahead and manage financial accounts before leaving home, so leave laptop at home most of the time.
However, I can see that LastPass might be useful for non financial accounts, like hotels and airlines. Thanks for making me think a little more on the subject, I might split out and manage financial accounts with KeePass and non financial accounts with LastPass.
LastPass use-case for me: used for years on android, linux/chrome, linux/firefox, windows/chrome and windows/firefox. Premium level, $1/month. Over 600 IDs and passwords. Using 2FA. LastPass has been very forthcoming about attacks and breaches. Local encryption is used. Storing passwords in the cloud has risk but, in my view, it is very low and worth the convenience. Extremely sensitive documents stored in cloud are encrypted locally.
what are you using for 2fa, yubikey? which one?
google authenticator.
Also use phone/pc machine id and USA only ip addresses with lastpass. (not perfect but another couple of “walls”.)
good points
rocktx, can the IPs be spoofed w/ a VPN?
http://www.howtogeek.com/210614/how-to-access-region-restricted-websites-from-anywhere-on-earth/
yes, vpn will allow access from anywhere, so “IPs only from USA” is a simple filter. There is also an option to disallow logins from TOR.
right, but can a hacker use a vpn to get into the US IPs and into our lastpass, bypassing that filter that you mentioned?
Also, I’m getting an error message when submitting a comment: “invalid data”
yes, hacker can use vpn to get US IP, so the USA filter would be bypassed. That leaves email, password and 2FA.