It isn’t just LastPass themselves who’re in a position to influence the clients. Including transmitting the contents of your password vault back to LastPass’ servers without encryption, or send it directly to a third-party server. The illusion of perfect security falls apart as soon as you realize that LastPass can just change their clients to do whatever they want or are pressured to do by a government agency. People don’t need to trust LastPass as LastPass can’t do anything bad with their data in the current scheme of things. This security design is sometimes referred to as Trust No One ( TNO). LastPass’ servers aren’t all that vulnerable as both encryption and decryption happen on the client with their servers only storing unintelligible encrypted blobs. If someone stole the LastPass database, they shouldn’t be able to do anything with the data they get from LastPass as the encrypted blobs aren’t worth anything without your account password to decrypt them.Īs of now, LastPass can’t share your passwords with law enforcement, the NSA, hackers who serendipitously gained access to LastPass’ infrastructure, or anyone else. Their password vault client applications, even their web interface, perform all the encryption and decryption on the client. LastPass can’t currently see the passwords you save to their servers while using the service. I also wonder how safe is LastPass and I’m having a hard time trusting LastPass despite the company doing everything, as far as we know, technically correct in terms of secure password storage that not even LastPass themselves can access. Their slogan “the last password you’ll ever need” refers to how your one password for LastPass can be used to unlock all your online accounts enabling you to have unique and random passwords on all the different services you use. LastPass is a popular password vault solution that encrypts and synchronizes your login data for all your various services between all your devices.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |