On 4/11/2014 8:30 PM, Steven Schveighoffer wrote:
Of course, it means you have to accept their word, and trust their competency. I
tend to doubt that somehow this is all a ruse and they are in cahoots with the
NSA.
I agree that it is pretty unlikely they are in league with the devil. But what
would happen to you if all your passwords got lost or compromised? How much
trouble would it be? All your bank accounts? All your email accounts? All your
professional accounts? All your accounting stuff? Suddenly you're cut off from
all of it? The risk may be small, but the potential damage could be very high.
The company itself may not be malicious. But they may be incompetent. And they
may have a rogue employee. And they may succumb to pressure from the government.
And they may get hacked. And they may change managers. And they may get acquired
by Evil Corp X.
What is your recourse if it all goes bad? What is your Plan B?
When I went skydiving, I had a backup chute. There are two independent braking
systems on my car. I don't invest everything in one company stock. I store
backups off site.
> you typically get what you pay for.
Typically, yes. What do you really expect to get for $12/year? That buys about 5
minutes of some entry level person's time. There's just no way I'm going to put
all my hundreds of accounts into that one box.
I strongly suggest, at a bare minimum, that you have LastPass print out all the
passwords it holds on a sheet a paper, and put that paper in your safety deposit
box.
