LastPass is in the midst of a major outage

redsworn

redsworn

Level 4
Verified
Well-known
Dec 6, 2017
191
shmu26 said:
If LastPass got hacked somehow, they would have passwords from tens of millions of users, it would be a world-wide disaster and hit the news. The chances are next to zero that they would get money out of your bank account before you had a chance to change the password. The chances are much greater that you will get locked out of your own bank account by losing your password due to a user mistake or a computer disaster, because it wasn't backed up to the cloud.
Click to expand...
You're short sighted by the the fact that KeePass is an offline password manager. Well, actually with something like KeePass you can put your DB anywhere you want.
Put it on as many as cloud services. You can!
Put it on your personal/private cloud server. You can!
Your hands are not bound to certain shackle. So when one of those cloud services facing some issues or even goes under, you're not automatically doomed.
 
  • Like
Reactions: SunMan09, Divine_Barakah, DDE_Server and 3 others
F

ForgottenSeer 823865

redsworn said:
You're short sighted by the the fact that KeePass is an offline password manager. Well, actually with something like KeePass you can put your DB anywhere you want.
Put it on as many as cloud services. You can!
Put it on your personal/private cloud server. You can!
Your hands are not bound to certain shackle. So when one of those cloud services facing some issues or even goes under, you're not automatically doomed.
Click to expand...
You are a bit short-sighted as well :p
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services (for example, Bitwarden allow syncing on both PC and Android).
So personally i recommend to have both in case of. I use Bitwarden as main tool and also have my local (keepass) DB available.
 
Last edited by a moderator:
  • Like
Reactions: mlnevese, SunMan09, Divine_Barakah and 4 others
L

Local Host

Umbra said:
You are a bit short-sighted as well :p
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services (for example, Bitwarden allow syncing on both PC and Android).
So personally i recommend to have both in case of. I use Bitwarden as main tool and also have my local (keepass) DB available.
Click to expand...
That doesn't make sense.
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
I wonder how you intent to keep the DB updated, are you going to export it constantly? Not to mention it needs to be converted for KeePass DB (something you also going to do constantly?).
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
What inconvenient? Keeps my DB updated 24/7 across my devices without me having to touch anything (much like how browsers sync settings and favorites across devices) What constrains? I have the DB locally regardless if the cloud service is up or down.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services
Again makes no sense, we can use whatever cloud services we want to sync across devices (something I already do between my Phone and Desktop).

The only constrains I see is of people using services like LastPass, where they don't have full control over their DB (not even access to it) if something goes wrong (like is happening now).
 
Last edited:
  • Like
Reactions: Divine_Barakah, redsworn, Protomartyr and 1 other person
F

ForgottenSeer 823865

Local Host said:
That doesn't make sense.
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
1- I wonder how you intent to keep the DB updated, are you going to export it constantly?
2- Not to mention it needs to be converted for KeePass DB (something you also going to do constantly?).
Click to expand...
1- I dont know for you, but personally, i dont register in 20 sites a day, my last registration in a new site was 3 month ago...so no, not a big deal.
2- you have nothing to do, when you export the DB, you just select the output format, and you have 3-4 Keepass format options, took one click...,still not a big deal...

1- What inconvenient? Keeps my DB updated 24/7 across my devices without me having to touch anything (much like how browsers sync settings and favorites across devices)
2- What constrains? I have the DB locally regardless if the cloud service is up or down.
Click to expand...
1- So do i with Bitwarden, but i dont need to open a an app like with Keepass or export the DB, one click from the any browser where the extension is installed.
2- so do i with Bitwarden, exported database in a local file accessible whenever i want.

Again makes no sense, we can use whatever cloud services we want to sync across devices (something I already do between my Phone and Desktop).
Click to expand...
You miss the point, it isn't about some user finding some workarounds like we do, it is about built-in functionality and convenience.
I don't know for you but i find it more convenient on my android device to have Bitwarden fill my password instead of retrieving my keepass database manually from my cloud service app then copy-paste the credentials...
Btw, if you know a way for Keepass to fill credentials on a smartphone directly in the login page, please tell us how to do so. would be useful.

The only constrains I see is of people using services like LastPass, where they don't have full control over their DB (not even access to it) if something goes wrong (like is happening now).
Click to expand...
Reason cloud services offers you to export them to another services or Keepass-like apps. So you have a backup. Then i don't see much problem.
Keepass and alike are indeed safer but at the price of reduced convenience than cloud services, Average Joe want convenience and ease of use (same as with AVs), reason Lastpasss is way more popular despite some security issues or outages or like this one.

I use both, a cloud service (Bitwarden) and a local manager (KeePass), so i have all my angles covered, i found both useful and they fill both my needs depending the situation. Cloud services are just more convenient, that is it.

One question, did you ever intensively used a cloud password manager service?
 
Last edited by a moderator:
  • Like
Reactions: RKRN3, SunMan09, Divine_Barakah and 3 others
DDE_Server

DDE_Server

Level 22
Thread author
Verified
Top Poster
Well-known
Sep 5, 2017
1,173
Umbra said:
1- I dont know for you, but personally, i dont register in 20 sites a day, my last registration in a new site was 3 month ago...so no, not a big deal.
2- you have nothing to do, when you export the DB, you just select the output format, and you have 3-4 Keepass format options, took one click...,still not a big deal...


1- So do i with Bitwarden, but i dont need to open a an app like with Keepass or export the DB, one click from the any browser where the extension is installed.
2- so do i with Bitwarden, exported database in a local file accessible whenever i want.


You miss the point, it isn't about some user finding some workarounds like we do, it is about built-in functionality and convenience.
I don't know for you but i find it more convenient on my android device to have Bitwarden fill my password instead of retrieving my keepass database manually from my cloud service app then copy-paste the credentials...
Btw, if you know a way for Keepass to fill credentials on a smartphone directly in the login page, please tell us how to do so. would be useful.


Reason cloud services offers you to export them to another services or Keepass-like apps. So you have a backup. Then i don't see much problem.
Keepass and alike are indeed safer but at the price of reduced convenience than cloud services, Average Joe want convenience and ease of use (same as with AVs), reason Lastpasss is way more popular despite some security issues or outages or like this one.

I use both, a cloud service (Bitwarden) and a local manager (KeePass), so i have all my angles covered, i found both useful and they fill both my needs depending the situation. Cloud services are just more convenient, that is it.

One question, did you ever intensively used a cloud password manager service?
Click to expand...
Keepass2anfrood has autofill suggestion In another app
 
  • Like
Reactions: SunMan09 and harlan4096
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
LastPass seems to me much more secure on the client side. When I start up my browser and log onto websites, my LastPass email address is hidden. And so is my master password.
But with Bitwarden, every time I start up my browser, I must enter my master password, and my Bitwarden email address is displayed right on top of it. So if my system is compromised, I just gave away all my login credentials for all websites. Nothing could be worse.
IMO it is much more likely for a local system to be compromised than it is for the LastPass data base to be compromised, so I see LastPass as more secure than Bitwarden.
 
  • Like
Reactions: Protomartyr, SunMan09, harlan4096 and 3 others
Divine_Barakah

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
For me, I don't want to access passwords in my browser (like lastpass and Bitwarden). Having a desktop program (like sticky password) is more secure (I guess). At least it makes me feel much more comfortable. Now I am using Enpass and it is synced to my Personal OneDrive.
 
  • Like
Reactions: Protomartyr and shmu26
Handsome Recluse

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
I got nasty spam and the only thing I signed up for using that email was Lastpass while using Yandex Browser which annoyingly autosaves passwords by default.
This is circumstantial though.
 
  • Like
Reactions: SunMan09
Divine_Barakah

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
shmu26 said:
Do you use 2FA on every site? I don't.
Click to expand...
1Password notifies you if the website supports 2FA and recommends you to enable it. I have 2FA enabled on every single website that supports that feature. 2FA keys are added to the password manager and to Authy as a backup plan in case a disaster happens so I don't get locked out.
 
  • Like
Reactions: SunMan09
You must log in or register to reply here.

Similar threads

enaph
    • +Reputation
    • Like
Security News LastPass Warns of Phishing Scam via Fake Chrome Store Reviews
Replies
2
Views
551
Security News
lokamoka820
lokamoka820
Viking
    • Wow
Security News McDonald’s hit by ‘technology outage’ in UK, Australia, Japan and China
Replies
1
Views
882
Security News
Bot
Bot
I
    • Wow
Technology AT&T cellular outage in United States disrupts vital services
Replies
2
Views
541
Technology News
I Walk MY Way
I Walk MY Way

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top