Question LastPass Users - Post Your Security Challenge Score

Please provide comments and solutions that are helpful to the author of this topic.

What Password Manager Do You Use?

  • LastPass

    Votes: 63 52.1%
  • Dashline

    Votes: 3 2.5%
  • Roboform Everywhere

    Votes: 2 1.7%
  • Keeper Pasword

    Votes: 0 0.0%
  • KeePass

    Votes: 12 9.9%
  • Sticky Password

    Votes: 9 7.4%
  • Norton Identity Safe

    Votes: 2 1.7%
  • Password Box

    Votes: 1 0.8%
  • Other. [Please mention it]

    Votes: 10 8.3%
  • I don't use a Password Manager [Tell us why]

    Votes: 19 15.7%

  • Total voters
    121

Oxygen

Level 44
Verified
Feb 23, 2014
3,316
WaVVbiZ.png
 
  • Like
Reactions: BoraMurdar

BIgD1

Level 3
Verified
Oct 25, 2014
138
I really like and use LastPass. The recent feature that automatically logs you in, and changes the password for a lot of websites is very nice. Hopefully, they will be able to que all the websites you want changed, and do it all in one fell swoop. As it is now, it's one at a time automatically, but that is still a lot faster than doing it myself one by one.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Hello @BIgD1 . I've seen the Change Password for Sites, but haven't used it. Is it easy and simple to use? How does it work for the sites you've used it on?
 
  • Like
Reactions: BIgD1

BIgD1

Level 3
Verified
Oct 25, 2014
138
Hello @BIgD1 . I've seen the Change Password for Sites, but haven't used it. Is it easy and simple to use? How does it work for the sites you've used it on?

Yes the new automatic change password feature was very easy to use. I changed passwords automatically for Paypal, Ebay, Home Depot, and Amazon for example with no problems at all. The only one that it did not work on was NewEgg, and NewEgg is in the supported list. Don't know why it did not work with NewEgg, but it could be cookie related.

Just looked over the ones that I mentioned I changed automatically, and they all were changed to passwords with 15 characters.
 
Last edited:
  • Like
Reactions: Nevi and Ink

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
LPScore.png


LP_Detailed_results.png
I ask myself, what would be if someone would have identical number of sites stored in the Vault, with the same average password length.
Who would be the first? That one with more sites stored? It's not that impossible with so many of LastPass users...
 
  • Like
Reactions: Nevi

Welldone

Level 5
Verified
Dec 29, 2012
235
I ask myself, what would be if someone would have identical number of sites stored in the Vault, with the same average password length.
Who would be the first? That one with more sites stored? It's not that impossible with so many of LastPass users...
Yes,i think so the one with more sites stored in LastPass :D If all are equal,may be the one who has the oldest LP Account would come first:p

I found the following trick useful especially for banking sites in my LP Account.
Hacker tournaments start by testing hackers ability to compromise from remote, then progress into more direct hacking with access to the machine physically. Personally I do not have sharing of any kind activated on any password managers. But again my 'decoration' mode would defeat that because you are sharing a password without the decorations, hence useless.

You share Skype PW with Joe-Bob, which is; 4oAecs0:K1%PT"6@~~'O Knowing that is useless, as my cipher/decoration for that 'type' and 'link' is; 4oAecs0:K1%PT"6@~~'O!kype92JoT

The MANUAL salt is !kype92JoT which is based off of an undocumented, personal algorithmic method. Which is why we used this method at a defense contractor I worked for, and I believe it's a method to ensure ultimate security against all known NON-Keylogger/NON-MTM types of assaults. If someone has keyloggered you, not much you can do anyway. Atkinson was hacked with state sponsored malware, and it achieved access to her system through her clicking a file sent through email. Ultimately there isn't much you can do if you 'click' stuff randomly. Ultimately it will be revealed that Atkinson wasn't very intelligent in her use of security, passwords, and encryption.

So use a password manager, then develop your own salting/decoration method, and give yourself 'quantitative' security improvements for no cost, and little hassle. I could post my entire Lastpass database as a text file here, and it's going to do you no good unless you can brute force a 10 mixed character decoration appended to each one.

So let's all use this method, and not fuss with arguing if this or that is secure, make them all secure:p

Source and Credits: Post #107 by Mayahana
 
Last edited:
  • Like
Reactions: scot and BoraMurdar

tallorder

Level 6
Verified
Jan 15, 2015
267
Darn, this might have been a good place for me to see a link, to go to LastPass, but I can look it up!
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
My scores from LastPass web and LastPass Premium app are different. o_O

Except, master password remains at 100%.
 
  • Like
Reactions: FreddyFreeloader

Ashu Kumar

Level 2
Verified
Oct 6, 2014
75
In my opinion, KeePass is the best software in this category. Works like a charm with Firefox, intelligibly integrated and most importantly, it is not slowing down the Firefox. :)

Though I couldn't get it to work seamlessly with Internet Explorer but "Perform Auto -Type" feature of KeePass is outstanding and works with any browser. :)

A minor downside is small font of the entries in program but with latest update v2.28, it is improving itself with some UI enhancements. :)
 

FreddyFreeloader

Level 32
Verified
Top Poster
Well-known
Jul 23, 2013
2,115
I have never used a password manager nor do I see the need for it.

Like OneDay I too do not trust a password manager.

How I remember / store my passwords is for me alone to know, I am not telling ;)

I keep my car keys & my house keys on my person. I do not have some one to hold them for me.

Why will I want a password manager to hold my passwords for me ?
Having to type those passwords is leaving them open for keyloggers to steal.
 

Post-it

Level 1
Sep 11, 2015
8
I too have quite a few logins with different password for all logins.
I too have complicated passwords & I too can not possibly remember them in my mind.
I will never ever write my passwords on paper.
But there are also other digital ways of remembering & storing passwords.
I like bare minimum programs installed on my computer which is why I do not want a password manager.

With exponential use of internet and in order to stay protected against identity theft and accounts highjacking
I need to have a strong and unique password for each of the sites I registered.
After deleting all the obsolete ones I still have 212 sites to manage a strong password for. Simply impossible to "remember" 212 passwords with 20-digits length.

Not having to key them in on the keyboard also protects me from priying eyes or keyloggers
Having a password manager also makes life easy when one needs to change passwords for regular updates or when some of my sites have or may have been hacked

I also use the 2-factor-authentication with a Ubikey if ever need to log from someone else's machine

I also disabled and purged all password storage within the web browsers, they simply are not safe at all, far too easy to steal.
When I first installed LastPass, without asking for my permission, I saw the programm collecting all the passwords I had stored in my browsers!!!! For me, that was a wake-up call
 

Post-it

Level 1
Sep 11, 2015
8
My LastPass Security Challenge score: 212 sites
5 of them simply do not allow strong password but those are not at all critical and I am fine with them.
Nevertheless it affects the overall score

Capture.PNG
 
  • Like
Reactions: Nevi

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top