LastPass Reviews

LastPass does not encrypt your web addresses

about LastPass and PassIFox & ChromeIPass, KeePass, KeePassXC · · Helpful Not helpful 4 Helpful Report as spam

LastPass increases your online SECURITY by:

  • helping you generate and manage strong passwords
  • supporting 2 factor authentication (e.g. Yubikey)
  • syncing your database so you can access your passwords wherever you go.

HOWEVER, you should be aware of the downsides:

  • LastPass DOES NOT encrypt the URLs (web addresses) of the accounts you have
  • Therefore LastPass, and anyone who they share info with, such as govt agencies, can in principle see very easily which websites you have accounts with. This has obvious PRIVACY (not the same as SECURITY) implications, since such information could be used to profile you. (This is why LastPass is a security, not a privacy product. For more info, see here: https://systemoverlord.com/2015/09/16/what-the-lastpass-cli-tells-us-about-lastpass-design/
  • LastPass is not open source, which means you cannot be sure they are implementing their security correctly. Previous weaknesses have been found, including the LostPass vulnerability.
  • LastPass syncs your password database online. Whilst your passwords and login names (and other data, but not URLs) are encrypted, it makes this a very attractive online target for hackers. LastPass take precautions against hackers stealing and being able to break into your password database, but - again - you have to trust they've done this right. Oh, and guess what... there's evidence their servers have been hacked before (e.g. in 2011 and 2015).
  • Consider KeePass (free, open-source and local) as an alternative (for Windows and Linux)
  • Or, if you want something open source for Mac, Linux and Windows try KeepassXC with PassIFox or ChromeIPass for browser integration.

[Edited by JohnFastman, March 05]

Reply

My opinion is that this app is secure

about LastPass · · Helpful Not helpful 5 Helpful Report as spam

Most of recent security issues are really related to chrome and phishing and aren't really 0 day vulnerabilities, chrome doesn't have the same environment as other browser when it comes to addons programming, most extension that deal with outside request done through human input can be forged so i don't know what is the fuss about it.

I don't think this app should be marked as insecure as long as it isn't 100% developers fault.

Reply
about LastPass · · Helpful Not helpful 1 Helpful Report as spam

Secure, Easy to use, works on all my platforms

Reply

Best password managing extension

about LastPass · · Helpful Not helpful 1 Helpful Report as spam

My experience with this app in google chrome has been really good. I strongly recommend this extension, changed my way to surf the web.

Reply
about LastPass · · Helpful Not helpful Report as spam

broken functional after firefox 57 release - no copy\past data, slowdown work, authorization troubles.

and still no any updates for few months.

Reply
about LastPass · · Helpful Not helpful Report as spam

I have premium accounts on both. "Which one is more trustworthy?" Lastpass is the most popular, and LogMeIn is behind it, which as a well established company, they care about their reputation and customers, so they won't try to take away your trust.

Bitwarden is a new company, made by one guy. The big difference is that Bitwarden is Open Source, so anyone can check and audit the code. Not only that, you can take such software and implement it on your local server at not cost. Since they're a new company, they also don't want to loss your trust, they depend on their initial customer base.

Both have my trust. I believe both try their best to keep my data safe. But if you're talking about security issues, I think Bitwarden is better. I know for sure that Lastpass devs are either lazy or don't have enough resources to update their software. The plugins feel outdated, they're slow, and they have a lot of bugs. As you mention, they already had some security problems. I think it has to be expected, because the popularity of the platform. Also consider that these vulnerabilities, while allowed hackers to get data from lastpass accounts, they couldn't do much with it, because the data was encrypted.

Bitwarden, in the other hand, is Open Source, so anyone can check for bugs, report them, and the development is more transparent. The developer seems to be more active, and the software feels faster, well made, and stable.

So, my bet is for Bitwarden. Give it a try, the premium features are nice (like getting two-factor-authentication directly on your Bitwarden plugin) and is cheaper.

Source : https://www.reddit.com/r/Android/comments/7mex7b/lastpass_android_authenticator_app_is_not_secure/

Reply
about LastPass · · Report as spam

Great App,
Mobile Desktop Web all supported ,

Reply
about LastPass · · Helpful Not helpful Report as spam

Lastpaas is very useful Application for password management

Reply
about LastPass · · Helpful Not helpful Report as spam

Easy to use, offers a lot in free version.

Reply
about LastPass · · Helpful Not helpful Report as spam

It's only $12/mo and performs almost as well as Dashlane

Reply

Commercial

about LastPass and KeePass · · Helpful Not helpful Report as spam

Do not pay for such software!

  • Do not trust in commercial softwares.(You can not review it's source code or what is running in hidden.)
  • Do not get fooled by fake user reviews&promises./recommended by many pc magazines /what are silenced&owned by these companies --they must not write about free&opensource softwares [they must obey to the money]--/
  • You should use the really FREE&OpenSource KeePass instead of this huge media supported junk software.

""""There isn't a browser plugin to fill in forms""

  • The linux version of KeePass sucks, you are right, does not start, crashes, i do not recommend it.
  • BUT you can use the portable version for Windows with Mono-runtime on LINUX (I always did so, no difference)""
  • search for KeePassRPC plugin (need to copied to browser & plugin folders)

[Edited by igenn, November 03]

The linux version of KeePass is unofficial. There isn't a browser plugin to fill in forms

Reply

Look no further, this is the best password manager.

about LastPass · · Helpful Not helpful Report as spam

Very pleased with this password manager. Works with a variety of browsers. Top marks.

Reply

Excellent!!

about LastPass · · Helpful Not helpful Report as spam

Top notch indeed! and so intuitive to use. I am just getting started and I enjoy it very much.

It's intuitive if you use it simply. But any serious use of it requires use of the 'support' documentation, which appears to have been written on some remote island in the Pacific, that has never been visited by homo sapiens.

Reply

The best

about LastPass · · Helpful Not helpful Report as spam

The best connection manager that I was able to use!

It works with all major browsers and there are 2 software for windows, the first is paying but with a trial offer (it is so much more integrated to the system), and the second which is free "lastpass - pocket" is less well integrated, but free.

Once integrated into whatever you use to navigate,and added with "synchronization systems" from browsers, you will not lose your passwords or notes!

Reply