Overclock.net › Forums › Industry News › Rumors and Unconfirmed Articles › [/.] LastPass may have been hacked
New Posts  All Forums:Forum Nav:

[/.] LastPass may have been hacked - Page 7

post #61 of 89
Quote:
Originally Posted by Shub View Post
There are valid criticisms to be made about LastPass but this whole paragraph is almost entirely wrong.
- You can import from CSV
- You don't have to have an Internet connection (use LastPass Pocket)
- You can store any kind of text-based data in addition to sites and related credentials
- You can search through your data
I don't know your circumstances, but my guess is you were either doing it wrong, or something wasn't working properly.

I've never tried 1Password but it looks to me like every feature you described is also in LastPass.
-It failed to import the CSV file that was exported from 1Password multiple times. It would not sort the proper field during import.
- Can you add/edit new entries while offline?
- Only text based data. The interface is very primitive. Custom fields aren't available. No more useful than a .txt document...
- No where near as useful as this kind of search:

Lastpass is useful as a basic password manager, just not as efficient or as professionally done as 1Password. It doesn't remember custom form fields when saving account logins. I prefer managing the location of the database myself, rather then relying on some 3rd party hosting site to secure the data.
Edited by PoopaScoopa - 5/6/11 at 10:15am
post #62 of 89
Shudder. I'd never trust one website for my passwords. It's like putting all your valuable data on one HD. No matter how good, that HD may, and will fail.

Just get 3-4 complex passwords, remember them, then rotate them based on an algorithm. For example, if your pass was t5Mn201X1t5, you can remember that the 3rd letter will always be the current month, and every odd month it will be capitalized and even not capitalized. Then you can change one number which signifies a year, or just decrease it by one.

Any website you use on a regular basis should have a strong password, whether it's OCN or some game forum you frequent.

Just because it's different from your bank account password doesn't mean it should be any less secure
    
CPUMotherboardGraphicsRAM
4690k @ 4.5 MSI Z97 Gaming 5 EVGA 980 Ti 16GB GSkill 
Hard DriveOptical DriveCoolingOS
Evo 250 500GB, 2x 1TB F3 + 3TB Seagate GoFlex +... Optical Drive? You mean 5.25 Floppy drive? I go... Nh-D14 Win7 64. Diewin10die. 
MonitorMonitorKeyboardCase
XB270HU My girlfriend stole my other monitor. Damn women! Celeritas Phanteks Enthoo Pro 
MouseMouse Pad
Cheap Sharkk gaming mouse. Last Mx518 died yea... Puretrak Talent 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
4690k @ 4.5 MSI Z97 Gaming 5 EVGA 980 Ti 16GB GSkill 
Hard DriveOptical DriveCoolingOS
Evo 250 500GB, 2x 1TB F3 + 3TB Seagate GoFlex +... Optical Drive? You mean 5.25 Floppy drive? I go... Nh-D14 Win7 64. Diewin10die. 
MonitorMonitorKeyboardCase
XB270HU My girlfriend stole my other monitor. Damn women! Celeritas Phanteks Enthoo Pro 
MouseMouse Pad
Cheap Sharkk gaming mouse. Last Mx518 died yea... Puretrak Talent 
  hide details  
Reply
post #63 of 89
Quote:
Originally Posted by Epitope View Post
I only use 3 passwords. 2 very strong ones for things like bank and finance stuff and a weaker one for things like this forum and other crap that doesn't matter if it gets hacked.

Does it really matter if somebody hacks my myspace, OCN account etc.?
I started like this too. Then I got new bank accounts, new finance stuff, new time sheet log in at work, new pay stubs program, and things started to pile up. Half of them have weird rules that made me vary my original strong password. Then one day I found fraudulent charges on my bank account, so I redid all my strong passwords. I'm sure I forgot some of the new passwords to things I log into infrequently. Throw in all those regular sites (OCN, etc) and all of sudden I've got quite a mess of passwords.

Having some sort of password management would be a huge help to me.
    
CPUMotherboardGraphicsRAM
i7-2600k 4.5GHz @ 1.32V Asus P8P67 Pro EVGA GTX 580 Mushkin 2133 9-10-9-24 
Hard DriveHard DriveCoolingOS
Samsung 840  WD Black Silver Arrow Windows 7 
MonitorKeyboardPowerCase
Dell U2211H Rosewill RK-9000BR Seasonic X750 HAF X 
MouseAudio
Razer Lachesis Grado HF2 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7-2600k 4.5GHz @ 1.32V Asus P8P67 Pro EVGA GTX 580 Mushkin 2133 9-10-9-24 
Hard DriveHard DriveCoolingOS
Samsung 840  WD Black Silver Arrow Windows 7 
MonitorKeyboardPowerCase
Dell U2211H Rosewill RK-9000BR Seasonic X750 HAF X 
MouseAudio
Razer Lachesis Grado HF2 
  hide details  
Reply
post #64 of 89
Quote:
Originally Posted by PoopaScoopa View Post
-It failed to import the CSV file that was exported from 1Password multiple times. It would not sort the proper field during import.
- Can you add/edit new entries while offline?
- Only text based data. The interface is very primitive. Custom fields aren't available. No more useful than a .txt document...
- No where near as useful as this kind of search:

Lastpass is useful as a basic password manager, just not as efficient or as professionally done as 1Password. It doesn't remember custom form fields when saving account logins. I prefer managing the location of the database myself, rather then relying on some 3rd party hosting site to secure the data.
I had a problem when importing my passwords from KeePass, but it finally worked and worked perfectly. After that, I have yet to have a problem.

Quote:
Originally Posted by j0zef View Post
Shudder. I'd never trust one website for my passwords. It's like putting all your valuable data on one HD. No matter how good, that HD may, and will fail.

Just get 3-4 complex passwords, remember them, then rotate them based on an algorithm. For example, if your pass was t5Mn201X1t5, you can remember that the 3rd letter will always be the current month, and every odd month it will be capitalized and even not capitalized. Then you can change one number which signifies a year, or just decrease it by one.

Any website you use on a regular basis should have a strong password, whether it's OCN or some game forum you frequent.

Just because it's different from your bank account password doesn't mean it should be any less secure
Like I said before, you should have multiple passwords. Never have just 1-2, because if someone finds out one. Then you're basically screwed.

This happened to me. I had one or two passwords that I used. Guess what? I got a keylogger on my computer and I had basically almost all of my accounts from hotmail to gmail to facebook taken from me. Boy was it a PITA to recover some of them. FB and Hotmail was easy to get back, but Gmail. Nope.

Ever since then, I won't ever have 1-2 passwords for everything.

Quote:
Originally Posted by DayoftheGreek View Post
I started like this too. Then I got new bank accounts, new finance stuff, new time sheet log in at work, new pay stubs program, and things started to pile up. Half of them have weird rules that made me vary my original strong password. Then one day I found fraudulent charges on my bank account, so I redid all my strong passwords. I'm sure I forgot some of the new passwords to things I log into infrequently. Throw in all those regular sites (OCN, etc) and all of sudden I've got quite a mess of passwords.

Having some sort of password management would be a huge help to me.
That's what happened to me. I never really had many sites that I logged onto, until I started using more and more services online. I thought one or two passwords were good enough until I got keylogged and .... I sure was wrong.

I'd love for someone to say they have never had a problem with having one or two passwords until they get keylogged and loose a lot of their accounts and have to go through the headache of getting them back.
post #65 of 89
Online password repositories scare me, same with data backup.

I know all my passwords, and have them encrypted to a local truecrypt volume.

I know that in principle, this is the same thing, but I don't like the idea of having my passwords stored (encrypted or not) on an external server that I don't have access to physically. To me, that just seems like an unnecessary risk.

I know I know, get used to it.
    
CPUMotherboardGraphicsRAM
Phenom II X3 720 @ 3.5 (1.39v) Gigabyte GA-MA790XT-UD4P ASUS 5850 @ 880/1180 (1.118v) 4gb 1333mhz G.Skill DDR3 
Hard DriveHard DriveHard DriveHard Drive
64gb Crucial M4 SSD 3x 250gb WD2500JD - RAID0 1tb WD1001FALS 1tb WD10EARS 
Optical DriveCoolingOSMonitor
Pioneer DLDVD/CDRW Arctic Freezer Pro 64 Win 7 64bit Ultimate E2305 LG 23" LED 
KeyboardPowerCaseMouse
Filco Majestouch II Ninja Tenkeyless Fortron BlueStorm II 500w CM 690II Advanced Razer DeathAdder 
Mouse PadAudioAudio
generic Echo Miamidi PCI M-Audio BX5a Studio Monitors 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Phenom II X3 720 @ 3.5 (1.39v) Gigabyte GA-MA790XT-UD4P ASUS 5850 @ 880/1180 (1.118v) 4gb 1333mhz G.Skill DDR3 
Hard DriveHard DriveHard DriveHard Drive
64gb Crucial M4 SSD 3x 250gb WD2500JD - RAID0 1tb WD1001FALS 1tb WD10EARS 
Optical DriveCoolingOSMonitor
Pioneer DLDVD/CDRW Arctic Freezer Pro 64 Win 7 64bit Ultimate E2305 LG 23" LED 
KeyboardPowerCaseMouse
Filco Majestouch II Ninja Tenkeyless Fortron BlueStorm II 500w CM 690II Advanced Razer DeathAdder 
Mouse PadAudioAudio
generic Echo Miamidi PCI M-Audio BX5a Studio Monitors 
  hide details  
Reply
post #66 of 89
Quote:
Originally Posted by _02 View Post
Online password repositories scare me, same with data backup.

I know all my passwords, and have them encrypted to a local truecrypt volume.

I know that in principle, this is the same thing, but I don't like the idea of having my passwords stored (encrypted or not) on an external server that I don't have access to physically. To me, that just seems like an unnecessary risk.

I know I know, get used to it.
It's just like trusting a company like DropBox with your files.
Just like trusting Google with your email services/documents/calendar etc.
Or putting your trust in services like Carbonite etc.

I hate the way that things are going in the terms of technology (the cloud), but I mean.... the more and more we are connected. The more and more we have to rely on these technologies since they make life a little bit easier.
post #67 of 89
Quote:
Originally Posted by mbudden View Post
Seems like it's back down again. At least, I can't access my settings page. Still getting the "Oops" message.
Pit Stop
(35 items)
 
  
CPUMotherboardGraphicsRAM
1090T Gigabyte 990FXA-UD5 MSi ref. 6950 2GB unlocked 4GB STT WX200UB2G7 
Hard DriveHard DriveOptical DriveCooling
Samsung F3 Crucial M4 Teac slim slot load DIYINHK Toshiba pwm pump controller upgrade 
CoolingCoolingCoolingCooling
Yate Loon D12SH-12 Silverstone SST-AP181 Koolance DDC pump housing/heasink Sunon 60 mm cooling fan for pump housing 
CoolingCoolingCoolingCooling
Bitspower 7/16" Black Sparkle compression fitt... Bitspower Black Sparkle 90 degree double rotary... Bitspower 45 degree rotary fittings Primochill LRT UV blue tubing 
CoolingCoolingCoolingCooling
XSPC Rasa cpu block XSPC RX-240 radiator XSPC DDC res. top Laing DDC-1  
OSMonitorKeyboardPower
7 Professional Samsung EX-2220 Das Professional Seasonic's dead :( 
CaseMouseMouse PadAudio
Lian Li T60-B PureTrak Valor Ratpadz GS Auzentech X-plosion 7.1 
AudioAudioAudioOther
AKG K701's Lil Dot MK.III hp amp Burr-Brown OPA627SM opamp upgrade Custom built MTM style transmission line 
OtherOtherOther
Various amps. Custom built MTM style transmission line 15" Dayton Titanic MK.III 
  hide details  
Reply
Pit Stop
(35 items)
 
  
CPUMotherboardGraphicsRAM
1090T Gigabyte 990FXA-UD5 MSi ref. 6950 2GB unlocked 4GB STT WX200UB2G7 
Hard DriveHard DriveOptical DriveCooling
Samsung F3 Crucial M4 Teac slim slot load DIYINHK Toshiba pwm pump controller upgrade 
CoolingCoolingCoolingCooling
Yate Loon D12SH-12 Silverstone SST-AP181 Koolance DDC pump housing/heasink Sunon 60 mm cooling fan for pump housing 
CoolingCoolingCoolingCooling
Bitspower 7/16" Black Sparkle compression fitt... Bitspower Black Sparkle 90 degree double rotary... Bitspower 45 degree rotary fittings Primochill LRT UV blue tubing 
CoolingCoolingCoolingCooling
XSPC Rasa cpu block XSPC RX-240 radiator XSPC DDC res. top Laing DDC-1  
OSMonitorKeyboardPower
7 Professional Samsung EX-2220 Das Professional Seasonic's dead :( 
CaseMouseMouse PadAudio
Lian Li T60-B PureTrak Valor Ratpadz GS Auzentech X-plosion 7.1 
AudioAudioAudioOther
AKG K701's Lil Dot MK.III hp amp Burr-Brown OPA627SM opamp upgrade Custom built MTM style transmission line 
OtherOtherOther
Various amps. Custom built MTM style transmission line 15" Dayton Titanic MK.III 
  hide details  
Reply
post #68 of 89
Quote:
Originally Posted by Lucky 13 SpeedShop View Post
Seems like it's back down again. At least, I can't access my settings page. Still getting the "Oops" message.
Really? It's working for me.

But I think you're trying to change your password.
They did state this on that page I linked to their blog.

Quote:
Currently we're not allowing users to change master passwords until our databases are completely caught up and we have resolved outstanding issues. We will update our users via the blog when it is possible to do so.
post #69 of 89
Quote:
Originally Posted by DayoftheGreek View Post
If I use lastpass to generate new, strong passwords for all my current logins, how will I access the strong passwords to log into websites when I am not at my home computer? For example, if I make my OCN password 9348039huhgf948gf98g4f3GIFG(!&, how will I be able to log into OCN at work where I cannot install lastpass?
You can access your lastpass vault by logging into the site and copy paste it, or you could do what I do and have a portable browser on a USB flash drive with it installed.
    
CPUMotherboardGraphicsRAM
Intel Core i5 3570k @ 4.5Ghz ASRock Z77 Pro3 Powercolor Radeon HD7950 3GB @ 1150/1350 4x4GB G.Skill Ares 2000Mhz CL9 
Hard DriveHard DriveHard DriveHard Drive
Samsung 840 250GB Western Digital Black 1TB WD1002FAEX Seagate Barracuda 3TB ST3000DM001 Samsung Spinpoint EcoGreen 2TB 
Optical DriveCoolingCoolingCooling
Pioneer DVR-220LBKS Noctua NH-D14 Scythe Gentle Typhoon 1850rpm Corsair AF140 Quiet Edition 
CoolingOSMonitorMonitor
Arcitc Cooling Acclero Twin Turbo II Arch Linux x86-64, amdgpu BenQ G2220HD BenQ G2020HD 
KeyboardPowerCaseMouse
Ducky Shine III Year of the Snake, Cherry Blue Silverstone Strider Plus 600w CoolerMaster CM690 II Black and White SteelSeries Sensei Professional 
Mouse PadAudioOther
Artisan Hien Mid Japan Black Large ASUS Xonar DX NZXT Sentry Mesh 30w Fan Controller 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Intel Core i5 3570k @ 4.5Ghz ASRock Z77 Pro3 Powercolor Radeon HD7950 3GB @ 1150/1350 4x4GB G.Skill Ares 2000Mhz CL9 
Hard DriveHard DriveHard DriveHard Drive
Samsung 840 250GB Western Digital Black 1TB WD1002FAEX Seagate Barracuda 3TB ST3000DM001 Samsung Spinpoint EcoGreen 2TB 
Optical DriveCoolingCoolingCooling
Pioneer DVR-220LBKS Noctua NH-D14 Scythe Gentle Typhoon 1850rpm Corsair AF140 Quiet Edition 
CoolingOSMonitorMonitor
Arcitc Cooling Acclero Twin Turbo II Arch Linux x86-64, amdgpu BenQ G2220HD BenQ G2020HD 
KeyboardPowerCaseMouse
Ducky Shine III Year of the Snake, Cherry Blue Silverstone Strider Plus 600w CoolerMaster CM690 II Black and White SteelSeries Sensei Professional 
Mouse PadAudioOther
Artisan Hien Mid Japan Black Large ASUS Xonar DX NZXT Sentry Mesh 30w Fan Controller 
  hide details  
Reply
post #70 of 89
Is a asdfhjnqeffg46523423#@$#43242342344324#$ password really needed? There are plenty of other ways to make a secure password and make it memorable.
Lawlputer
(18 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom X3 720 BE 3.5Ghz Asus Crosshair IV Formula VisionTek 6950 2GB G.SKILL 2x4GB Ripjaws X DDR3 2133 
Hard DriveHard DriveHard DriveHard Drive
OCZ Vertex WD Caviar Green WD Caviar Green WD Caviar Green 
Hard DriveOptical DriveOptical DriveOS
WD Caviar Black Pioneer DVD Burner LiteOn DVD Burner Windows 7 Ultimate 64-Bit 
MonitorKeyboardPowerCase
Asus VW266H 25.5" Microsoft Reclusa Gaming Keyboard Antec Truepower Quattro 850W CoolerMaster HAF 932 Limited AMD Edition 
Mouse
Logitech MX518 
  hide details  
Reply
Lawlputer
(18 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom X3 720 BE 3.5Ghz Asus Crosshair IV Formula VisionTek 6950 2GB G.SKILL 2x4GB Ripjaws X DDR3 2133 
Hard DriveHard DriveHard DriveHard Drive
OCZ Vertex WD Caviar Green WD Caviar Green WD Caviar Green 
Hard DriveOptical DriveOptical DriveOS
WD Caviar Black Pioneer DVD Burner LiteOn DVD Burner Windows 7 Ultimate 64-Bit 
MonitorKeyboardPowerCase
Asus VW266H 25.5" Microsoft Reclusa Gaming Keyboard Antec Truepower Quattro 850W CoolerMaster HAF 932 Limited AMD Edition 
Mouse
Logitech MX518 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Rumors and Unconfirmed Articles
Overclock.net › Forums › Industry News › Rumors and Unconfirmed Articles › [/.] LastPass may have been hacked