Password managers

**christian** · 03-15-2017

I haven't worked in tech since 2002, but Lastpass is works for even a tech neophyte like me. I'm a little concerned about storing the passwords in the cloud, but smarter people than me seem to think it is ok.

**Mabouya** · 03-15-2017

Originally Posted by christian

I'm a little concerned about XYZ but smarter people than me seem to think it is ok.

Famous last words...

Christian, the next time I ask, please remind me to never take stock market advice from you. ;)

**j44ke** · 03-29-2017

Google's Project Zero vulnerability reporting team was able to execute an exploit for Last Pass. This is not the same as getting hacked but a proof of vulnerability exercise that means anyone who can figure out the exploit can use it to wreak havoc. Or just steal stuff. These groups search for vulnerability in well know products, and then they give the programmers of the product a certain amount of time to fix it before they release the details of the exploit. In this case, that's 90 days. If you use Last Pass, maybe change your master password a lot? Switch banking and other vital things to manual passwords? Do nothing?

Potent LastPass exploit underscores the dark side of password managers | Ars Technica

**Mabouya** · 03-30-2017

My password manager: A Flowfold "Minimalist" wallet in my front left pocket next to my "real" wallet, with some scraps of paper in it, one of which has some of my passwords.

Purchased by my sister for me in Maine, where they're made.

(Pic below isn't my pocket dump, but shows one that's the same color as mine.)

https://www.flowfold.com/product-category/wallets

**rec head** · 04-01-2017

Originally Posted by j44ke

Google's Project Zero vulnerability reporting team was able to execute an exploit for Last Pass. This is not the same as getting hacked but a proof of vulnerability exercise that means anyone who can figure out the exploit can use it to wreak havoc. Or just steal stuff. These groups search for vulnerability in well know products, and then they give the programmers of the product a certain amount of time to fix it before they release the details of the exploit. In this case, that's 90 days. If you use Last Pass, maybe change your master password a lot? Switch banking and other vital things to manual passwords? Do nothing?

Potent LastPass exploit underscores the dark side of password managers | Ars Technica

To their credit Lastpass takes this seriously and has had fixes out in hours in the past. This most recent one is a deeper problem however.

**tedbarbeau** · 04-04-2017

1 more vote for 1Password. It's easily one of the five best software purchases I've ever made.

User Tag List

Thread: Password managers

Thread Tools

Display

Re: Password managers

Re: Password managers

Re: Password managers

Re: Password managers

Re: Password managers

Re: Password managers

Similar Threads

Can i retrieve a skype password if the registered email is kapput?

iCloud Password Recovery Ideas for my Dad

Tags for this Thread

Bookmarks

Bookmarks

Posting Permissions