Page 7 of 8

Re: Have I Been Pwned Integration?

PostPosted: Fri Jan 25, 2019 6:45 am
by Symo85
My Ticket Update Wrote:Thanks for the information, as the blog explicitly states "No passwords or password hashes are ever sent to PasswordPing", which in and of itself is good, I don't want my password password hashes sent anywhere...the HIBP API and checking method (and 1Passwords implementation of it) uses k-anonymity and can check for a breached password without sending the password or hash anywhere.

Again thanks for the info, but a note for the record; as it seems LastPass does not intend to implement this HIBP feature (which I consider to be a key security feature), when my LastPass subscription ends I will not be renewing and will be moving to 1Password.

LP Ticket Reply Wrote:Thank you for the details. I have escalated your ticket to LEVEL 3 SUPPORT for further review.

Re: Have I Been Pwned Integration?

PostPosted: Fri Jan 25, 2019 10:41 am
by equinox
I got this as a support reply:

Thank you for this suggestion. We have forwarded an enhancement request to our development team for future consideration.

Kindest,
Michelle

Re: Have I Been Pwned Integration?

PostPosted: Fri Jan 25, 2019 5:28 pm
by kungfujoe
equinox Wrote:I got this as a support reply:

Thank you for this suggestion. We have forwarded an enhancement request to our development team for future consideration.

Kindest,
Michelle


I received a VERY similar reply from "Han" when adding a comment to my ticket with a pointer to FlyingHawk's explanation:

Sorry for the confusion on our end. You are correct that currently we do not check against compromised passwords. I will pass this as a feedback to the product team for their consideration.

Re: Have I Been Pwned Integration?

PostPosted: Fri Jan 25, 2019 6:12 pm
by FlyingHawk
kungfujoe Wrote:I received a VERY similar reply from "Han" when adding a comment to my ticket with a pointer to FlyingHawk's explanation:
Sorry for the confusion on our end. You are correct that currently we do not check against compromised passwords. I will pass this as a feedback to the product team for their consideration.

I remember "Han" is one of the higher level support agents, who are generally technically competent in my experience. It's nice that your ticket got through to a higher level.

However, it's not just the support staff or the dev team that we need to convince. We can only hope that management makes the right call. Otherwise, jumping ship is probably the only way to make them listen.

Re: Have I Been Pwned Integration?

PostPosted: Wed Jan 30, 2019 4:27 am
by Symo85
2019-01-25 16:12 ChrisN
Your ticket was escalated to me. Thank you for this feedback. We have forwarded an enhancement request to our development team for future consideration. Let us know if you need any further assistance!

Re: Have I Been Pwned Integration?

PostPosted: Wed Jan 30, 2019 8:13 pm
by Filipus
7 pages and no official reply? This needs to be a feature.

Re: Have I Been Pwned Integration?

PostPosted: Wed Jan 30, 2019 10:45 pm
by jpenny84
Filipus Wrote:7 pages and no official reply? This needs to be a feature.


This is a user to user support forum. Plenty of people have posted their official replies from support tickets.

Re: Have I Been Pwned Integration?

PostPosted: Fri Feb 01, 2019 4:05 pm
by bardove369
I'm also here to see if there is any way to efficiently check compromised passwords and change them after hearing about the Collection #1 breach.

Re: Have I Been Pwned Integration?

PostPosted: Tue Feb 05, 2019 3:27 pm
by ed811
Do the security challenge and look at the results.. leaked passwords/sites will be emailed by lastpass to you.
That looks like the same functionality.

Re: Have I Been Pwned Integration?

PostPosted: Tue Feb 05, 2019 3:27 pm
by neerajmakam
+1 for this feature.