Overclock.net › Forums › Industry News › Software News ›  [BETANEWS]LastPass has serious flaw called 'LostPass' -- your passwords and more are at risk
New Posts  All Forums:Forum Nav:

[BETANEWS]LastPass has serious flaw called 'LostPass' -- your passwords and more are at risk - Page 12  

post #111 of 144
Quote:
Originally Posted by Shaded War View Post

In either scenario you are trusting a singular password to protect multiple website accounts. How can you argue it's any more secure? You are holding all your passwords and login name / email in one online location only guarded by a single password that is just as able to be hacked. Once its compromised, so is everything else linked to it.

In fact, I'll argue it's worse to use LastPass than the same password on every website without LastPass. If you had the same password on every site, you still need the account name / emails for the other sites. With LastPass it just gives a complete open door to every account you have linked with it.

You need to think about what you are getting yourself into with password saving software. I prefer to use my brain to remember passwords than online software that anyone could eventually access. At least that way, only one password could potentially get compromised instead of all of them at once.

I agree with you. You can't talk about password security and a password manager in the same sentence. If you are letting your passwords be managed by a program, you've instantly given away the security of those passwords being only located in your own brain. All it would take is them to add features to the program and make a mistake, and you may be exposed someway.
post #112 of 144
Quote:
Originally Posted by PostalTwinkie View Post

Actually my point, repeated several times, is that trusting a 3rd party with your password is inherently less secure than managing it yourself.

You aren't trusting a 3rd party with your passwords. You're trusting a 3rd party with a blob of encrypted data which happens to contain your passwords, and which they never see in unencrypted form.
zomg an compooter
(14 items)
 
  
CPUMotherboardGraphicsRAM
Intel i7-6700K Z170-DELUXE NVIDIA GeForce GTX 660 Ti G Skill Ripjaws V F4-3200C16D-16GVK 
Hard DriveHard DriveOptical DriveOS
Samsung 840 EVO Samsung HD103SJ LG GH24LS70 Windows 7 Pro 
MonitorKeyboardPowerCase
Dell U2312HM Corsair K70 RGB EVGA 850 P2 Corsair 450D 
MouseAudio
Roccat Kone XTD AKG K553 
  hide details  
zomg an compooter
(14 items)
 
  
CPUMotherboardGraphicsRAM
Intel i7-6700K Z170-DELUXE NVIDIA GeForce GTX 660 Ti G Skill Ripjaws V F4-3200C16D-16GVK 
Hard DriveHard DriveOptical DriveOS
Samsung 840 EVO Samsung HD103SJ LG GH24LS70 Windows 7 Pro 
MonitorKeyboardPowerCase
Dell U2312HM Corsair K70 RGB EVGA 850 P2 Corsair 450D 
MouseAudio
Roccat Kone XTD AKG K553 
  hide details  
post #113 of 144
LastPass has made some changes to mitigate this attack vector: http://www.maximumpc.com/lastpass-increases-security-to-thwart-phishing-attacks/

Quote:
Originally Posted by MadRabbit View Post

It all depends on where the leak came from I guess. And it also depends what sites you use. I mean, forums, I really doubt anyone would even bother "hacking" them. But Facebook and such (if you use them) maybe...

I don't have any social media thankfully. And locally most things are done over encrypted ID logins.

Even if someone gets your forum account password you can always contact the forum owner and let them generate some random one for you again. I think...
Not true.... forums are attacked all the time.

Passwords, password variations, emails, user names, real names, birthdays.... all valuable information in volume.

Get a few large datasets from forum hacks... give to a data scientist... have fun with some bank accounts.

Quote:
Originally Posted by benbenkr View Post

I use my brain.
It's free, everyone has it.

Try it out guys. wink.gif
Can you remember 100+ randomly generated 16 character passwords?

Quote:
Originally Posted by PriestOfSin View Post

I just keep a journal of my passwords... you know, on paper. Offline.
Do you bring that journal around everywhere?

How about if you lost that journal you bring around?

Quote:
Originally Posted by guitarmageddon88 View Post

Uhhh....hey, geniuses....

Here's a novel idea.

Print out a piece of paper, write them down...and HIDE IT.

Now, just dont forget where you hide it. thumb.gif
Ahhh.... you still need to pull the paper out to use it... at home, on the train, at work...

A piece of paper is less secure than an encrypted file.
Quote:
Originally Posted by MadRabbit View Post

One way is for sites to force their users to change passwords after X amount of time. That should lower the risk somewhat.
Not really... password rotation really doesn't help all that much. Most security experts would probably say there are 4-6 better policies to implement to increase security.

Most people do stupid stuff like "password1, password2". (See password variation above!)

Quote:
Originally Posted by Pip Boy View Post

Agree,

The in your head or paper system works best. There is no better. Using extremely complex passwords other than just a fairly standard password with some extra bits added has been pretty much proven to be about the same level of security, further more with two factor mobile / email authentication the central text password again doesnt need to be some mythical 64 character beast.
Where did you come up with this?

What security expert recommends a paper system? Again, an encrypted file is vastly more secure.

The moment a password becomes "standard"... it's already loaded into a dictionary. Combinator brute-force can take care of a few extra bits.

Quote:
Originally Posted by Pip Boy View Post

unless you have a really bad memory or hate paper then your going to have to fess up and admit people who use lastpass style password managers are being lazy. Its just a fast way to not bother with something.
I have 100+ personal passwords.... 300+ work-related passwords....

I don't have a bad memory... I have better use of my time.


Quote:
Originally Posted by Pip Boy View Post

btw, has it occurred to anyone to use a cheap $5 or spare USB pen to store a password with a encrypted container on it ? enter a central password to open it and then just have a text document inside.. I mean, that way its majority offline and portable. Not exactly rocket science. Again, convenience vs effort.
Yeah... except if get corrupted. You could keep a copy but sync is a hassle.

Or... keep your encrypted file in the cloud. As long as you have a strong password and trust strong crypto, then you're fine.

Wait... that's LastPass and other password managers do. You can roll your own as well.... Place a KeePass on DropBox or Google. Note, there have been malware that attempted to specifically look for the data in-flight as it is unencrypted.


Quote:
Originally Posted by anti-clockwize View Post

I agree with you. You can't talk about password security and a password manager in the same sentence. If you are letting your passwords be managed by a program, you've instantly given away the security of those passwords being only located in your own brain. All it would take is them to add features to the program and make a mistake, and you may be exposed someway.
Sure, you can. Ask most security experts.... Password managers are one of the top recommendation. They balance portability and convenience with security.

Again, how can you securely handle 100+ randomly generated 16-char passwords reasonably?

Quote:
Originally Posted by anti-clockwize View Post

yeah same, i dont trust any manager of my passwords. I keep 5 passwords in my head at all times, of varying grades of complexity depending on what i'm signing up for. Every month or so i'll change one of them so I don't have to remember 5 new passwords at the same time.
Passwords reuse is not a good thing...

Just because you think an account isn't THAT important... that information can be used to build a profile or attack you in unexpected ways.


A great example is Mat Honan hack: http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/
Quote:
But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

Edited by DuckieHo - 1/19/16 at 11:29pm
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
post #114 of 144
Quote:
Originally Posted by PostalTwinkie View Post

That is fine, you don't have to listen to a provider, and someone who deals with this as a profession. As it is more than clear you know what is up.

Better not listen to those doctors or any other person who works in a specialty field that you don't.

I'm listening, I'm just not hearing anything that convinces me. Your arguments so far have mostly been along the lines of "what I say is true", "trust me" and "I'm in the field".
Quote:
Originally Posted by PostalTwinkie View Post

I couldn't care less what people feel at that point. As I have spent the better part of the last 15 years fixing the mistakes of people who can't manage their own passwords. Who have been consistently compromised, while having used password wallets.

Literally thousands of people getting "hacked!!!!", but of course it is never them.....

Edit:

Or the ever awesome "I am not on 'my' computer, and can't get into my account. Can you log in and read me my emails?". Literally a common phone call my techs get, because people can't bother to assume responsibility for their own credentials.

So, these are the types of people you deal with, yet you are totally sure that it is the password manager's fault when something goes wrong? Okay.
Quote:
Originally Posted by PostalTwinkie View Post

The point is, as this very thread in itself should highlight, there are better options a person can take than relying on a 3rd party to manage their passwords. It is that simple.

This isn't even my opinion, it is fact.

It is not a fact, it is your opinion. "Better" is subjective. I suggest you go back and read Zero4549's post, because that is exactly what this is about. You still haven't presented anything to back up your arguments that LastPass isn't secure enough and convinced me that I need better security.
 
Portable Desktop
(12 items)
 
Console Cave
(11 items)
 
CPUMotherboardGraphicsRAM
Intel Core i5 2500K ASRock P67 Extreme4 ASUS GTX 670 DCII Kingston HyperX Fury 
Hard DriveHard DriveHard DriveHard Drive
Seagate 600 Samsung Spinpoint F4 Seagate Barracuda Green Seagate Desktop 
Hard DriveHard DriveHard DriveHard Drive
Seagate FreeAgent GoFlex Seagate Expansion Desktop Maxtor Basics Seagate Backup Plus Portable 
Optical DriveCoolingCoolingCooling
Samsung SE-208AB Thermalright Archon (Rev. A) 2x Phanteks PH-F140HP_BL (CPU) 2x Noctua NF-A14 PWM (Intake) 
CoolingCoolingOSMonitor
Thermalright TY-150 (Exhaust) Noctua NF-S12A PWM (Exhaust) Windows 10 Pro DELL UltraSharp U2711 
KeyboardPowerCaseMouse
QPAD MK-80 Pro SeaSonic X-560 Lian Li PC-P50WB Func MS-3 R2 
Mouse PadAudioAudioAudio
SteelSeries QcK Creative Sound Blaster Z Swans M10 Creative Aurvana Live! 
Other
Lian Li LED50 
CPUMotherboardGraphicsGraphics
Intel Pentium G3258 ASUS H81I-PLUS Intel HD Graphics ASUS GTX 670 DirectCU II 
RAMHard DriveCoolingOS
Corsair Vengeance LP OCZ Vector Scythe Big Shuriken 2 rev. B Windows 10 Pro N 
MonitorMonitorPowerCase
LG PA70G BenQ G2420HDBL Cooler Master B500 ver.2 Cooler Master Elite 130 
MonitorAudioAudioOther
LG PA70G Yamaha HTR-3065 Andersson SRP 2.5 PlayStation 
OtherOtherOtherOther
PlayStation 2 Gamecube Dreamcast Xbox 
OtherOtherOther
Xbox 360 PlayStation 3 Wii 
  hide details  
 
Portable Desktop
(12 items)
 
Console Cave
(11 items)
 
CPUMotherboardGraphicsRAM
Intel Core i5 2500K ASRock P67 Extreme4 ASUS GTX 670 DCII Kingston HyperX Fury 
Hard DriveHard DriveHard DriveHard Drive
Seagate 600 Samsung Spinpoint F4 Seagate Barracuda Green Seagate Desktop 
Hard DriveHard DriveHard DriveHard Drive
Seagate FreeAgent GoFlex Seagate Expansion Desktop Maxtor Basics Seagate Backup Plus Portable 
Optical DriveCoolingCoolingCooling
Samsung SE-208AB Thermalright Archon (Rev. A) 2x Phanteks PH-F140HP_BL (CPU) 2x Noctua NF-A14 PWM (Intake) 
CoolingCoolingOSMonitor
Thermalright TY-150 (Exhaust) Noctua NF-S12A PWM (Exhaust) Windows 10 Pro DELL UltraSharp U2711 
KeyboardPowerCaseMouse
QPAD MK-80 Pro SeaSonic X-560 Lian Li PC-P50WB Func MS-3 R2 
Mouse PadAudioAudioAudio
SteelSeries QcK Creative Sound Blaster Z Swans M10 Creative Aurvana Live! 
Other
Lian Li LED50 
CPUMotherboardGraphicsGraphics
Intel Pentium G3258 ASUS H81I-PLUS Intel HD Graphics ASUS GTX 670 DirectCU II 
RAMHard DriveCoolingOS
Corsair Vengeance LP OCZ Vector Scythe Big Shuriken 2 rev. B Windows 10 Pro N 
MonitorMonitorPowerCase
LG PA70G BenQ G2420HDBL Cooler Master B500 ver.2 Cooler Master Elite 130 
MonitorAudioAudioOther
LG PA70G Yamaha HTR-3065 Andersson SRP 2.5 PlayStation 
OtherOtherOtherOther
PlayStation 2 Gamecube Dreamcast Xbox 
OtherOtherOther
Xbox 360 PlayStation 3 Wii 
  hide details  
post #115 of 144
Quote:
Originally Posted by PostalTwinkie View Post

Actually, if you read what was going on, and how LostPass is working, you would see that it is exploiting shortcomings in how LastPass functions, explicitly at the end-user level.

I like how you guys keep trying to make this personal, while dodging the actual issue. The objective fact that a password wallet isn't as secure as people think they are, or at least not as secure as managing your own passwords. You don't have to attack the password, when a password wallet is being used, you just have to attack the wallet (software). Either directly through flaws in the code itself, or in its behavior (in the case of phising).

EDIT:

https://www.seancassidy.me/lostpass.html
Although the above (sending the e-mail) only applies if you aren't using second factor authentication. Oddly enough LastPass opted to not send the e-mail if you have two factor authentication. One of those "convenience" things I suppose.

Additionally....
Yea, totally secure.....

As we all know, total security is not possible, no matter what. The goal of any person or organization should not be to achieve perfection, but to minimize risk of breach or loss to the maximum extent possible, while still maintaining a reasonable (read: enjoyable) end-user experience. What good is a system if no one wants to use it?

Yes, this phising attack vector is serious, and this isn't the first time this concept has been brought up in regards to LastPass (although it is, to my knowledge, the first time someone has developed the exploit). However, I will still continue to recommend password managers, like LastPass, to friends, family, and clients. Yes, it's true that your LastPass password is basically the key to the kingdom, but with 2FA and the "zero-knowledge" encryption scheme, they've taken a very big target, and made hundreds of thousand very, very small and difficult ones. This means that your odds of losing your shirt are extremely low, even if LastPass itself is hit (which, by the way, it was), while still maintaining a high level of usability.

First, sometimes it's difficult to imagine a situation in which you lose all your hand-written passwords, but it does happen more often than you might think. I can't tell you how many times I've seen a coworker get interrupted while looking up a password, and subsequently leave their tablet on their desk in the wide-open for all to see. I know two people that have had their laptop bags stolen, which contained their hand-written passwords, since they needed them while they traveled. There are also horror stories around of sysadmins that lose access to all of their systems due to a structure fire, spending months recovering from it.

Don't get me started on the countless lost password spreadsheets due to hard drive failures. Or my most favorite, unencrypted password documents found on company shared drives.

Second, reusing passwords across multiple sites (particularly those that don't offer 2FA) is probably one of the biggest threats to a user's security today. If you think of it from an attack surface standpoint, you're increasing your odds of becoming a victim, and increasing the amount of potential loss, with each subsequent use of that password. If there is one thing I hope everyone does, no matter how they do it, is utilize a different password for every service they use. Particularly the major and sensitive ones. Hell, I was sitting right next to my buddy when his Origin account was taken over due to password reuse that was in a database dump (from LinkedIn, I think).

Password managers like LastPass accomplish exactly what they set out to do: They make password and sensitive data management more secure and more robust than the average user's pen and paper storage and password reuse, but also make it easy enough to use that Mom and Dad won't get frustrated, quit using it, and go back to using a single password for every single service.

Nothing was, is, or will be totally secure, so one must strike a balance between convenience and security however they see fit. If you think that you can safely maintain a hand-written list of tens (maybe hundreds) of unique passwords, more power to you! However, I think writing off any and all password managers simply because technology can inherently have vulnerabilities is kind of like removing the windows on your house because they can be circumvented with a hammer.

There we go, my ramble of the day. smile.gif
Perpetual Upgrade
(17 items)
 
Server
(17 items)
 
Galago UltraPro
(9 items)
 
CPUMotherboardGraphicsRAM
i7-4770K MSI Z97M Gaming Zotac GTX 1080 AMP! Edition (2x4GB) Corsair DDR3-2000 
Hard DriveHard DriveCoolingCooling
128GB Crucial M4 (2x) 500GB RAID 0 Swiftech Apogee Black Ice GT Stealth 240 
OSKeyboardPowerCase
Windows 10 Pro 64bit Corsair K70 Vengence Seasonic X650 Aerocool DS Cube 
MouseAudio
Logitech G500 ASUS Xonar DX 
CPUMotherboardGraphicsRAM
Phenom II X4 965 MSI 870A-G54 nVidia 8400GS (2x2GB) Patriot DDR3-1600 
RAMHard DriveHard DriveCooling
(2x4GB) Patriot DDR3-1600 (3x) 320GB RAID 5 (1x) 1TB Backup Storage Coolermaster TX3 
OSPowerOther
Proxmox Hypervisor Antec TruePower 430W HP Smart Array P400 
CPUGraphicsRAMHard Drive
Intel i7-4750HQ Intel Iris Pro Graphics 5200  (2 x 4GB) DDR3-1600 90GB Intel mSATA SSD 
Hard DriveOSOSMonitor
500GB 5400RPM HDD Ubuntu Gnome 15.10 Windows 10 14" 1080p ColorPro IPS 
Case
Galago UltraPro 
  hide details  
Perpetual Upgrade
(17 items)
 
Server
(17 items)
 
Galago UltraPro
(9 items)
 
CPUMotherboardGraphicsRAM
i7-4770K MSI Z97M Gaming Zotac GTX 1080 AMP! Edition (2x4GB) Corsair DDR3-2000 
Hard DriveHard DriveCoolingCooling
128GB Crucial M4 (2x) 500GB RAID 0 Swiftech Apogee Black Ice GT Stealth 240 
OSKeyboardPowerCase
Windows 10 Pro 64bit Corsair K70 Vengence Seasonic X650 Aerocool DS Cube 
MouseAudio
Logitech G500 ASUS Xonar DX 
CPUMotherboardGraphicsRAM
Phenom II X4 965 MSI 870A-G54 nVidia 8400GS (2x2GB) Patriot DDR3-1600 
RAMHard DriveHard DriveCooling
(2x4GB) Patriot DDR3-1600 (3x) 320GB RAID 5 (1x) 1TB Backup Storage Coolermaster TX3 
OSPowerOther
Proxmox Hypervisor Antec TruePower 430W HP Smart Array P400 
CPUGraphicsRAMHard Drive
Intel i7-4750HQ Intel Iris Pro Graphics 5200  (2 x 4GB) DDR3-1600 90GB Intel mSATA SSD 
Hard DriveOSOSMonitor
500GB 5400RPM HDD Ubuntu Gnome 15.10 Windows 10 14" 1080p ColorPro IPS 
Case
Galago UltraPro 
  hide details  
post #116 of 144
Quote:
Originally Posted by PostalTwinkie View Post

The point is, as this very thread in itself should highlight, there are better options a person can take than relying on a 3rd party to manage their passwords. It is that simple.

This isn't even my opinion, it is fact.
No, it's your opinion. To be concise.... People use the 3rd party for an interface to encrypting and decrypting a file containing their passwords. The 3rd party is NOT managing the passwords directly. This is an extremely important distinction.

Password mangers and keystores are regularly recommended by security experts and implemented in the enterprise.

What solution do you have on managing, sharing, delegating, revoking, and changing 100+ or 1000+ secure passwords?
If a solution at that scale works effectively and utilized to secure trillions of dollars of corporate value, why wouldn't the same solution work at an individual level?
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
post #117 of 144
hey hey whoa there, just because you're retired staff no need to bring some sanity to the thread!
Just a 'puter
(18 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 6700K ASUS Maximus VIII Hero iGPU thanks to Nvidia 970 3.5GB Corsair Vengeance LPX CMK8GX4M2B3200C16 
Hard DriveHard DriveCoolingCooling
Samsung 950 PRO 512GB Crucial M4 256GB RX360 V3 Koolance CPU-380I 
CoolingCoolingOSMonitor
Koolance RP-452X2 Reservoir Koolance PMP-450 12V Variable Speed Pump Windows 10 Pro x64 benq XL2411Z 
KeyboardPowerCaseMouse
logitech G510 Seasonic X-760 Corsair 800D Mionix Castor 
AudioAudio
Creative Sound Blaster X-Fi Titanium HD DT 990 Premium 250Ohm 
  hide details  
Just a 'puter
(18 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 6700K ASUS Maximus VIII Hero iGPU thanks to Nvidia 970 3.5GB Corsair Vengeance LPX CMK8GX4M2B3200C16 
Hard DriveHard DriveCoolingCooling
Samsung 950 PRO 512GB Crucial M4 256GB RX360 V3 Koolance CPU-380I 
CoolingCoolingOSMonitor
Koolance RP-452X2 Reservoir Koolance PMP-450 12V Variable Speed Pump Windows 10 Pro x64 benq XL2411Z 
KeyboardPowerCaseMouse
logitech G510 Seasonic X-760 Corsair 800D Mionix Castor 
AudioAudio
Creative Sound Blaster X-Fi Titanium HD DT 990 Premium 250Ohm 
  hide details  
post #118 of 144
Quote:
Originally Posted by DuckieHo View Post

What solution do you have on managing, sharing, delegating, revoking, and changing 100+ or 1000+ secure passwords?

Sharing is the big one. Great, you've remembered it. Now you need 20 other people to remember it too, or write it down 20 more times, or share a piece of paper between those people.
Edited by randomizer - 1/20/16 at 4:18am
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
post #119 of 144
I love lastpass, I am married. If I die and my wife needs a password, she knows the lastpass password and everything else is taken care of. The other options would be for us both to memorize every password or to write them down and put them in a vault. Lastpass is easier.
post #120 of 144
Quote:
Originally Posted by DuckieHo View Post


How about if you lost that journal you bring around?
Ahhh.... you still need to pull the paper out to use it... at home, on the train, at work...

Good point. I'm lucky enough that I only have a few passwords that I *must* remember in my life. Work, work email, personal computer. I just remember them.
My Rig
(12 items)
 
Wife's Rig
(10 items)
 
 
CPUMotherboardGraphicsRAM
Ryzen 1700 @ 3.8 1.3v Asrock X370 Taichi EVGA GTX1080Ti SC Black 16GB G.Skill DDR4-3200 CL 14 
Hard DriveHard DriveHard DriveHard Drive
480GB PNY SSD 500GB Samsung 960 EVO M.2 SSD 3TB Seagate Barracuda 7,200RPM 240GB Kingston SSD 
CoolingOSPowerCase
Cryorig H5 Universal Windows 10 Home 64-bit Seasonic 750W 80+ Gold Phanteks Eclipse P400 
  hide details  
My Rig
(12 items)
 
Wife's Rig
(10 items)
 
 
CPUMotherboardGraphicsRAM
Ryzen 1700 @ 3.8 1.3v Asrock X370 Taichi EVGA GTX1080Ti SC Black 16GB G.Skill DDR4-3200 CL 14 
Hard DriveHard DriveHard DriveHard Drive
480GB PNY SSD 500GB Samsung 960 EVO M.2 SSD 3TB Seagate Barracuda 7,200RPM 240GB Kingston SSD 
CoolingOSPowerCase
Cryorig H5 Universal Windows 10 Home 64-bit Seasonic 750W 80+ Gold Phanteks Eclipse P400 
  hide details  
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
This thread is locked  
Overclock.net › Forums › Industry News › Software News ›  [BETANEWS]LastPass has serious flaw called 'LostPass' -- your passwords and more are at risk