Learn about Centmin Mod LEMP Stack today
Register Now

Security Lastpass Security Vulnerabilities [March 2017]

Discussion in 'All Internet & Web Performance News' started by eva2000, Mar 22, 2017.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    Ah that's one way to do it :)

     
  2. Jimmy

    Jimmy Premium Member Premium Member

    1,761
    381
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +967
    Local Time:
    2:24 PM
    1.17.x
    MariaDB 10.3.x
    Yup. I don't trust Andriod and some of these phone makers don't even update the software after they release a new version of the phone.

    I do have 1 site I login to, but it doesn't use my master account, rather a plain ole user account.
     
  3. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    Indeed Android OS segmentation from various phone makers is scary to think about + fact that some Android users don't even update their phone's OS
     
  4. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    hmm maybe folks should use more than one password manager account - one online solely for unimportant and less sensitive logins like forums etc and one offline for more sensitive logins ? :)

    or even a 3rd for just mobile logins access.
     
  5. pamamolf

    pamamolf Premium Member Premium Member

    3,989
    414
    83
    May 31, 2014
    Ratings:
    +804
    Local Time:
    9:24 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    I will post tomorrow some info related :)

    Prepare yourself for a paranoid topic as we are talking for security :)
     
  6. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    do tell :)

    interesting The Best Password Managers of 2017
     
  7. pamamolf

    pamamolf Premium Member Premium Member

    3,989
    414
    83
    May 31, 2014
    Ratings:
    +804
    Local Time:
    9:24 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Ok I have 10 minutes free so I will do it now :)

    I will not be able to provide many details but I am sure that forum users are able to research my info :)
     
  8. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    interesting from https://news.ycombinator.com/item?id=13755518

     
  9. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    for KeePass on Android app compare Keepass2Android vs. Keepass2Android Offline vs KeePassDroid
    though dated back in 2013
     
  10. pamamolf

    pamamolf Premium Member Premium Member

    3,989
    414
    83
    May 31, 2014
    Ratings:
    +804
    Local Time:
    9:24 PM
    Nginx-1.17.x
    MariaDB 10.3.x
  11. Jimmy

    Jimmy Premium Member Premium Member

    1,761
    381
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +967
    Local Time:
    2:24 PM
    1.17.x
    MariaDB 10.3.x
  12. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
  13. RB1

    RB1 Active Member

    292
    75
    28
    Nov 11, 2016
    California
    Ratings:
    +122
    Local Time:
    11:24 AM
    Nginx 1.21.x
    MariaDB 10.1.x
    At least LastPass is now a little more secure after being patched :D:LOL::ROFLMAO:
    Think I'll stick with it for now until something happens lol
     
  14. dorobo

    dorobo Active Member

    420
    104
    43
    Jun 6, 2014
    Ratings:
    +162
    Local Time:
    2:24 AM
    latest
    latest
    I'm starting to wean myself off of Lastpass using Sticky Password.

    Sticky Password, the free version let's me store the password database on my Dropbox folder.
     
  15. Sunka

    Sunka Well-Known Member

    1,150
    323
    83
    Oct 31, 2015
    Pula, Croatia
    Ratings:
    +521
    Local Time:
    8:24 PM
    Nginx 1.17.9
    MariaDB 10.3.22
  16. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    thanks for heads up, updated 1st post with the update :)
     
  17. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    wow 3 days later still no direct answer to my 1password email support request to reset my account so I can delete the default personal vault (as you can't delete it yourself). They did reply 3 days ago with generic link to their commonly asked questions - automated email ? Just no answer to my specific request.

    Ended up just deleting my 1password account anyway ! Using KeePass right now
     
  18. deltahf

    deltahf Premium Member Premium Member

    534
    234
    43
    Jun 8, 2014
    Ratings:
    +428
    Local Time:
    2:24 PM
    Did you try this to reset your 1Password vault? It looks like it should be pretty easy.

    https://support.1password.com/starting-over/

    When I switched to 1Password from LastPass, I just went through and cleaned up / organized all my logins (I only had a few hundred or so) and that was it. So far, I've been much happier with 1Password than I was with LastPass; I just wish it was better integrated into operating systems so I could access my passwords even faster.

    I think security is critically important, but I also think we have to be careful not to cross the line between practicality and paranoia which works against our ability to be productive.
     
  19. eva2000

    eva2000 Administrator Staff Member

    49,039
    11,235
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,488
    Local Time:
    4:24 AM
    Nginx 1.21.x
    MariaDB 10.x
    Yeah tried start over steps didn't work for, the data was still there ! In hindsight, probably easier for me to delete my account and start a new one! I have ~4,000 logins and that's without duplicates. When i imported from Lastpass to 1password I ended with a duplicates which pushed me to around 8,000 logins, them I accidentally imported my Splashid logins into personal default vault instead of separate vault and ended up with 14,900+ logins in default vault with no way to remove them. You can't even mass delete entries either, you can only delete one by one it seems. And with 1password there's no duplicate login remover like there is with Lastpass and KeePass.
     
  20. dorobo

    dorobo Active Member

    420
    104
    43
    Jun 6, 2014
    Ratings:
    +162
    Local Time:
    2:24 AM
    latest
    latest
    How do you make KeePass behave like Lastpass?

    With plugins I supposed but those are third party right?