Have questions about LastPass, or having problems using it? Ask for help here!
Moderators: admin, anatoly_LP, chantieLP, Israel, JoeSiegrist, robyn
After happily (and proudly) having utilized LP for a decade (or more?), I just now happened upon this article, and am now terribly concerned about my banking/account information (my $$$!!!!).
Can someone PLEASE help assuage my sudden fear(s)https://www.networkworld.com/article/31 ... sions.html
Thanks in advance,
- Posts: 2
- Joined: Sat Jul 21, 2018 7:30 pm
Form fills are user initiated and there is an additional confirmation before LastPass will fill a form into a site. Websites cannot simply scrape payment information contained in those profiles without your authorization. Simply exercise good practices to prevent phishing attacks and you'll be fine.
- Posts: 8290
- Joined: Tue Mar 06, 2012 9:10 pm
There were indeed two serious bugs in LastPass found by Tavis Ormandy last year, but both were fixed quickly.
No software can be free of bugs. The important thing is to see how much public scrutiny they face, and how positive and quick their responses are. LastPass has shown to be rather good on both metrics.
Another point in your linked article is that any browser based password manager cannot be trusted. This is a position held by a limited number of people in the infosec circle. The basis of this position is that browser extensions have a larger attack surface than a pure desktop application. While this basis is true, it doesn't make browser based password managers fundamentally insecure. It only means that there may be a higher chance of an exploitable bug in browser based password managers. This risk can be mitigated by public scrutiny, good development practice, and good browsing habits.
On the other hand, browser-based password managers are fundamentally more convenient. A convenient password manager that people actually consistently use is still better than an inconvenient (though theoretically lower risk) password manager that people don't use.
- Posts: 708
- Joined: Wed Mar 18, 2015 12:04 pm
Return to General Support & Troubleshooting
Who is online
Users browsing this forum: AdsBot [Google], Google Feedfetcher and 65 guests