Page 1 of 1

LP Data Storage in US is safe from govt eyes?

PostPosted: Mon Sep 15, 2014 7:19 am
by daveudon
I see from my iPad app Settings that my LP Data Storage facility is in the US. I am ex-USA and would prefer my data storage to be ex-USA also.

My concerns may be unfounded, since LP does not have access to my local master password. But is the data encryption up to GPG RSA 4096 standards?

Could someone point me to posts on this subject, or perhaps news stories, or LP corporate statements? I have searched here, but found nothing. I have also submitted a support ticket but as a trial premium member for the next 14 days, I do not expect a quick response.

My email server data has been moved offshore, GPG installed on all devices for correspondence, and using better passwords with LP's help is the current next step. (We need GPG here in Thailand because discussion of sensitive subjects carries heavy jail terms...)

So far, my LP trial experience has been great!

Regards -- Dave in Udon

Re: LP Data Storage in US is safe from govt eyes?

PostPosted: Tue Sep 16, 2014 12:56 pm
by brantgurga
I believe the ability to change your data center location is not quite active but is there to address situations like yours. In general though, provided you trust LastPass to have implemented their product they way they've said and there's no implementation flaws, all the data they have is encrypted gibberish to which they have no key. So while a government might compel them to turn over the encrypted blob, they have to resort to brute force to decrypt it.

Re: LP Data Storage in US is safe from govt eyes?

PostPosted: Tue Sep 16, 2014 6:49 pm
by daveudon
Thanks for your quick reply and thoughts. I have found a lot of blogs on the subject on the LP site and elsewhere.
My mind is at rest...
Rgds