I'm going to have to agree with Jack. LastPass made a pretty good showing with responsible notification and response. In fact, it was their response to that possible-non-event that encouraged me to bump up to the paid account. Admittedly, the paid account is 12 bucks, so it didn't take much.
Scott On Aug 4, 2011, at 10:54 AM, Jack Daniel wrote: > Just to be contrary (no shit, really Jack?!?!)... > > LastPass detected and was transparent about their incident, they are > open about their tech, and they overreacted to anomalous traffic out > of caution. That's a vastly better *proven* track record than any > other player in the space. > > As far as tokens or other 2fa, the RSA fiasco proves it doesn't matter > what you use if you do it wrong. I like WiKID, but that is partly > because I like Nick. Which, in fairness, is a better reason than those > that drive many decisions. An Open Source cimmunity version doesn't > hurt, either. (WiKID is a soft token solution, so if you want a lump > in your pants you'll need to look elsewhere). > > > Jack > > > On Thu, Aug 4, 2011 at 7:10 AM, Tom McCredie <[email protected]> wrote: >> +1 on keepass, windows, blackberry and android version available also. >> >> On 4 August 2011 14:16, Josh More <[email protected]> wrote: >>> >>> LastPass replacement: KeePass / KeePassX >>> >>> No opinions on the token option. >>> >>> -Josh >>> >>> On Thu, Aug 4, 2011 at 8:01 AM, In Nate <[email protected]> wrote: >>>> >>>> I have been looking for an alternative to lastpass since they experienced >>>> "unusual" activity a bit back. My requirements are a multiple-platform and >>>> multiple mobile device support. Given the recent RSA issue, I'm not sure >>>> what the best in class token based solution is at the moment, but would >>>> welcome any thoughts or input as I would like it to also support token >>>> based >>>> 2 factor authentication. >>>> >>>> Cheers. >>>> >>>> _______________________________________________ >>>> Pauldotcom mailing list >>>> [email protected] >>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>>> Main Web Site: http://pauldotcom.com >>> >>> >>> _______________________________________________ >>> Pauldotcom mailing list >>> [email protected] >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >>> Main Web Site: http://pauldotcom.com >> >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > > -- > ______________________________________ > Jack Daniel, Reluctant CISSP > http://twitter.com/jack_daniel > http://www.linkedin.com/in/jackadaniel > http://blog.uncommonsensesecurity.com > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
