Avian00 Wrote:I'm a little confused about something. In your version 1.28 announcement, you say 2 things that trouble me:
2) "We now cover nearly 1500 TLDs properly, some TLDs like com.ru were missed before"
One of the features that we wanted to do that no other password manager has done, is allow you the option of easily seeing passwords you created for other hosts in the same domain -- this worked great until we hit a TLD that we didn't know (like com.ru) so we were showing different domains as the same in that case -- TLDs do not change very often, and I'm not concerned about keeping up with this, and think it's a good approach (though we need to make it clear to people that we order based on best URL match, then best hostname match, then last usage, then alphabetical, so they really don't need us to be 'hostname specific')
Avian00 Wrote:By quantifying your level of support with a finite number, and by announcing a for a particular site's compatibility, you seem to be indicating support for sites is being done a per-site basis. Why is this? Why is your software not simply taking the domain name from the URL and mapping that to Username and Password fields and automatically filling in the web form? In my brief experience with 1Password, the software simply runs in the background (with apparently no prior knowledge about any of the sites I visit), and the instant it detects that I've submitted username and password form data, it simply grabs them and stores them for later automatic filling. Does LastPass not operate on this same principle? If so, why the need to configure the software for compatibility on a per-site basis? This seems troublesome with potential a lot of overhead. What happens if a site re-arranges its forms at a later date? Would LastPass fall apart and not know what to do?
We have bent over backwards to make everything 'generally applicable'; we don't want to have a product that will break when the next generation comes around -- that being said, when we've exhausted what we could be seen again, we've contemplated doing something custom for that site. Our hope is at worst for these sites, you can still cut&paste your passwords out, easier than other products, and if what we're doing works you'll be able to automatically login when you otherwise couldn't.
This still may not be the answer though; and we're exploring with ways the community can help us stay on top of sites that go out of their way to break password managers.