On Monday, December 17, 2012 5:55:35 AM UTC-5, fabrizio.giudici wrote: > > On Mon, 17 Dec 2012 09:48:35 +0100, Jan Goyvaerts > <[email protected]<javascript:>> > > wrote: > > > I'm using Lastpass <https://lastpass.com/> - it logs in for you, > > generates > > impossible passwords, has a plugin for many browsers, seems to have > > integration with Linux systems too. It has an ios app, but never used > > that. > > > > I don't even know the passwords of the sites any more. I just know it's > > > all > > different 20+ characters random crap. I only know the master password. > > :-) > > It's what I'd like to do - but who guarantees that Lastpass is secure? > That it stores passwords correctly encrypted? That it doesn't leak them in > > memory? That it doesn't send them to a server? > > Another +1 for LastPass. You can read more about it at https://lastpass.com/enterprise_technology.php but LastPass doesn't know anything about your password/passwords. It just stores your encrypted password vault. For example, if you forget your LastPass master password, then you are out of luck, they can't possibly recover it for you. All decryption happens locally.
I now have distinct passwords on most of my online accounts because LastPass makes it so easier. This severely limits my exposure should a website get hacked that I have an account on. To me that's the main security benefit of LastPass. -- You received this message because you are subscribed to the Google Groups "Java Posse" group. To view this discussion on the web visit https://groups.google.com/d/msg/javaposse/-/jenZnqW6ZXoJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
