LP - Exporting and Importing

Tell us what features would make LastPass even better and vote for features that are most important to you

Moderators: admin, anatoly_LP, chantieLP, robyn, JoeSiegrist

LP - Exporting and Importing

Postby lsmk » Fri Feb 20, 2009 7:32 pm

LP is allowing us to export the account data into CSV, FF and LP Encrypted file. I don't have any problem with LP encrypted file. I feel LP shouldn't allow users to export data as a simple 'csv' without prompting for any encryption or password. It defeats the whole purpose of security implementation.

To cover end-to-end security, please don't allow users to save it to a flat file without any protection. I suggest you can accept encryption key and create a 'encrypted' csv and FF files. If a password breach happens because of such files, the whole effort of LP is gone. Please incorporate this additional step of exporting the data safely .

At present, i am taking extra step at my side using 'Trucrypt' and saving the 'csv' files in secured way.

It is dangerous to leave such csv files in laptops unencrypted thinking users should take care of it. There are lazy and ignorant guys out there :D
lsmk
 
Posts: 28
Joined: Sat Jan 24, 2009 4:55 pm

Re: LP - Exporting and Importing

Postby JoeSiegrist » Sat Feb 21, 2009 1:29 am

We always prompt for your password before allowing you to export your passwords.

It's important for us to allow exporting to common formats so our users can know they can always get access to their data, even if it's not a best practice for an average user to do so. It's your data, you manage it how you see fit...

Joe
JoeSiegrist
 
Posts: 4185
Joined: Wed Aug 20, 2008 10:40 am

Re: LP - Exporting and Importing

Postby lsmk » Sat Feb 21, 2009 9:08 pm

Joe,

I think you misunderstood my suggestion.
Instead of exporting as a plain 'csv' file, export and protect the output with an encryption or password key.
When someone try to open it with 'Excel' it should prompt for a password to open the file.
Thanks

-lsmk
lsmk
 
Posts: 28
Joined: Sat Jan 24, 2009 4:55 pm

Re: LP - Exporting and Importing

Postby sameer » Wed Mar 04, 2009 12:47 am

You already have this by default.
Your encrypted data is already stored on your PC.
Rather than using excel to view your data, you can view the encrypted data with the plugins, or LastPass Pocket.
Both the plugins and Pocket allow you to export your data unencrypted if you desire.
Pocket also allows you to export it in encrypted format - but again, the encryption key is your LastPass master password.

I'm not sure what type of encryption Excel has...or even if it's any good.
Doing an "encrypted Excel" variant is also limited to Windows platforms.
sameer
Site Admin
 
Posts: 268
Joined: Tue Aug 19, 2008 9:43 pm
Location: Toronto, Canada

Re: LP - Exporting and Importing

Postby lsmk » Wed Mar 04, 2009 2:58 am

Sameer,

Thanks for your detailed response. As a nice product, i still feel LP should never a leave an export output unencrypted whether it is 'excel' or 'pdf'. How about zipping them using '7-zip' and provide them(excel and pdf) as an encrypted output. It is for the enduser to decrypt unzip and print it or use it in whatever fashion.

Thanks again
-lsmk
lsmk
 
Posts: 28
Joined: Sat Jan 24, 2009 4:55 pm


Return to Feature Requests

Who is online

Users browsing this forum: No registered users and 16 guests