LastPass is in the midst of a major outage

redsworn

Level 4
Verified
Well-known
Dec 6, 2017
191
If LastPass got hacked somehow, they would have passwords from tens of millions of users, it would be a world-wide disaster and hit the news. The chances are next to zero that they would get money out of your bank account before you had a chance to change the password. The chances are much greater that you will get locked out of your own bank account by losing your password due to a user mistake or a computer disaster, because it wasn't backed up to the cloud.
You're short sighted by the the fact that KeePass is an offline password manager. Well, actually with something like KeePass you can put your DB anywhere you want.
Put it on as many as cloud services. You can!
Put it on your personal/private cloud server. You can!
Your hands are not bound to certain shackle. So when one of those cloud services facing some issues or even goes under, you're not automatically doomed.
 
F

ForgottenSeer 823865

You're short sighted by the the fact that KeePass is an offline password manager. Well, actually with something like KeePass you can put your DB anywhere you want.
Put it on as many as cloud services. You can!
Put it on your personal/private cloud server. You can!
Your hands are not bound to certain shackle. So when one of those cloud services facing some issues or even goes under, you're not automatically doomed.
You are a bit short-sighted as well :p
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services (for example, Bitwarden allow syncing on both PC and Android).
So personally i recommend to have both in case of. I use Bitwarden as main tool and also have my local (keepass) DB available.
 
Last edited by a moderator:
L

Local Host

You are a bit short-sighted as well :p
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services (for example, Bitwarden allow syncing on both PC and Android).
So personally i recommend to have both in case of. I use Bitwarden as main tool and also have my local (keepass) DB available.
That doesn't make sense.
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
I wonder how you intent to keep the DB updated, are you going to export it constantly? Not to mention it needs to be converted for KeePass DB (something you also going to do constantly?).
Indeed you can put and retrieve a local DB on any personal cloud services (a bit more inconvenient) but then you will also face the same constraints if your cloud service get issues.
What inconvenient? Keeps my DB updated 24/7 across my devices without me having to touch anything (much like how browsers sync settings and favorites across devices) What constrains? I have the DB locally regardless if the cloud service is up or down.
But the biggest inconvenience of a local DB is it can't be sync via multi-platform devices like cloud services
Again makes no sense, we can use whatever cloud services we want to sync across devices (something I already do between my Phone and Desktop).

The only constrains I see is of people using services like LastPass, where they don't have full control over their DB (not even access to it) if something goes wrong (like is happening now).
 
Last edited:
F

ForgottenSeer 823865

That doesn't make sense.
Cloud passwords services allows you to export your database where you want and even use it in KeePass.
1- I wonder how you intent to keep the DB updated, are you going to export it constantly?
2- Not to mention it needs to be converted for KeePass DB (something you also going to do constantly?).
1- I dont know for you, but personally, i dont register in 20 sites a day, my last registration in a new site was 3 month ago...so no, not a big deal.
2- you have nothing to do, when you export the DB, you just select the output format, and you have 3-4 Keepass format options, took one click...,still not a big deal...

1- What inconvenient? Keeps my DB updated 24/7 across my devices without me having to touch anything (much like how browsers sync settings and favorites across devices)
2- What constrains? I have the DB locally regardless if the cloud service is up or down.
1- So do i with Bitwarden, but i dont need to open a an app like with Keepass or export the DB, one click from the any browser where the extension is installed.
2- so do i with Bitwarden, exported database in a local file accessible whenever i want.

Again makes no sense, we can use whatever cloud services we want to sync across devices (something I already do between my Phone and Desktop).
You miss the point, it isn't about some user finding some workarounds like we do, it is about built-in functionality and convenience.
I don't know for you but i find it more convenient on my android device to have Bitwarden fill my password instead of retrieving my keepass database manually from my cloud service app then copy-paste the credentials...
Btw, if you know a way for Keepass to fill credentials on a smartphone directly in the login page, please tell us how to do so. would be useful.

The only constrains I see is of people using services like LastPass, where they don't have full control over their DB (not even access to it) if something goes wrong (like is happening now).
Reason cloud services offers you to export them to another services or Keepass-like apps. So you have a backup. Then i don't see much problem.
Keepass and alike are indeed safer but at the price of reduced convenience than cloud services, Average Joe want convenience and ease of use (same as with AVs), reason Lastpasss is way more popular despite some security issues or outages or like this one.

I use both, a cloud service (Bitwarden) and a local manager (KeePass), so i have all my angles covered, i found both useful and they fill both my needs depending the situation. Cloud services are just more convenient, that is it.

One question, did you ever intensively used a cloud password manager service?
 
Last edited by a moderator:

DDE_Server

Level 22
Thread author
Verified
Top Poster
Well-known
Sep 5, 2017
1,168
1- I dont know for you, but personally, i dont register in 20 sites a day, my last registration in a new site was 3 month ago...so no, not a big deal.
2- you have nothing to do, when you export the DB, you just select the output format, and you have 3-4 Keepass format options, took one click...,still not a big deal...


1- So do i with Bitwarden, but i dont need to open a an app like with Keepass or export the DB, one click from the any browser where the extension is installed.
2- so do i with Bitwarden, exported database in a local file accessible whenever i want.


You miss the point, it isn't about some user finding some workarounds like we do, it is about built-in functionality and convenience.
I don't know for you but i find it more convenient on my android device to have Bitwarden fill my password instead of retrieving my keepass database manually from my cloud service app then copy-paste the credentials...
Btw, if you know a way for Keepass to fill credentials on a smartphone directly in the login page, please tell us how to do so. would be useful.


Reason cloud services offers you to export them to another services or Keepass-like apps. So you have a backup. Then i don't see much problem.
Keepass and alike are indeed safer but at the price of reduced convenience than cloud services, Average Joe want convenience and ease of use (same as with AVs), reason Lastpasss is way more popular despite some security issues or outages or like this one.

I use both, a cloud service (Bitwarden) and a local manager (KeePass), so i have all my angles covered, i found both useful and they fill both my needs depending the situation. Cloud services are just more convenient, that is it.

One question, did you ever intensively used a cloud password manager service?
Keepass2anfrood has autofill suggestion In another app
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
LastPass seems to me much more secure on the client side. When I start up my browser and log onto websites, my LastPass email address is hidden. And so is my master password.
But with Bitwarden, every time I start up my browser, I must enter my master password, and my Bitwarden email address is displayed right on top of it. So if my system is compromised, I just gave away all my login credentials for all websites. Nothing could be worse.
IMO it is much more likely for a local system to be compromised than it is for the LastPass data base to be compromised, so I see LastPass as more secure than Bitwarden.
 

Divine_Barakah

Level 29
Verified
Top Poster
Well-known
May 10, 2019
1,854
For me, I don't want to access passwords in my browser (like lastpass and Bitwarden). Having a desktop program (like sticky password) is more secure (I guess). At least it makes me feel much more comfortable. Now I am using Enpass and it is synced to my Personal OneDrive.
 

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
I got nasty spam and the only thing I signed up for using that email was Lastpass while using Yandex Browser which annoyingly autosaves passwords by default.
This is circumstantial though.
 
  • Like
Reactions: SunMan09

Divine_Barakah

Level 29
Verified
Top Poster
Well-known
May 10, 2019
1,854
Do you use 2FA on every site? I don't.
1Password notifies you if the website supports 2FA and recommends you to enable it. I have 2FA enabled on every single website that supports that feature. 2FA keys are added to the password manager and to Authy as a backup plan in case a disaster happens so I don't get locked out.
 
  • Like
Reactions: SunMan09

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top