Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Software IT

LastPass Makes Password Management Free Across All Of Your PCs, Tablets and Smartphones (cnet.com) 234

LastPass on Wednesday announced that its popular password manager will now be free for all to use. LastPass previously charged a fee of $12 per year to sync passwords across multiple devices, such as a computer, tablet or phone. From a report on CNET: To entice newcomers, the service allowed you to access select features for free on either the web or on a mobile device, but syncing between the two required a premium membership. Not anymore -- that service is now free. LastPass is one of the best known and most trusted password managers. Its main purpose is to store all of your passwords in an encrypted vault in the cloud. The vault can only be opened using a master password that only you know. LastPass doesn't store the master password or have access to it, which means even if its servers were to be breached, your precious passwords would remain encrypted and protected.
This discussion has been archived. No new comments can be posted.

LastPass Makes Password Management Free Across All Of Your PCs, Tablets and Smartphones

Comments Filter:
  • No news at 11 (Score:3, Insightful)

    by TimothyHollins ( 4720957 ) on Wednesday November 02, 2016 @09:48AM (#53198809)

    I don't see anything newsworthy here at all. Did some sneaky little marketer pay for someone's lunchy-lunch yesterday?

    Bad Slashdot, bad!

  • Comment removed based on user account deletion
    • You mean like requiring that you log into your device (laptop, phone) with a fingerprint, an iris scan, or facial recognition in order to even open the Lastpass program - at which point you then have to put in your master password? Yeah, I think modern hardware can accommodate your request. It's not set up to be used that way, but the effective result is the same.

      • by tepples ( 727027 )

        If your biometrics are compromised, how can they be revoked and reissued without harming you?

    • by Lopton ( 990061 )
      Lastpass Premium integrates with the Yubikey.
    • Laspass Premium supports Yubikey.

      (I have no connection with lastpass other than being a customer)

  • Which is why I still don't use it. If they really wanted to bolster security then MFA should really be standard, IMHO.

    I will just leave this here...
    http://keepass.info/help/kb/yu... [keepass.info]

    • by portnoy ( 16520 )

      According to their website, a number of forms of 2FA are available free. The free options largely involve either one-time verification codes like Google Authenticator or push notifications to your smart phone. Premium is required for Yubico, Sesame, and windows fingerprint recognition.

  • Because someone's got to pay for it.

  • Why? (Score:5, Interesting)

    by AmiMoJo ( 196126 ) on Wednesday November 02, 2016 @09:52AM (#53198839) Homepage Journal

    Can someone explain why I would want to have Lastpass hold the keys to my kingdom when I could just use a trusted, open source option like Keepass with a private server or free account on any number of cloud storage services? Browser plug-ins aren't exactly known for their great security.

    • by ljw1004 ( 764174 )

      Can someone explain why I would want to have Lastpass hold the keys to my kingdom when I could just use a trusted, open source option like Keepass with a private server or free account on any number of cloud storage services? Browser plug-ins aren't exactly known for their great security.

      Lastpass (the company) doesn't hold the keys to your kingdom. Their servers only store an encrypted blob that they (the company) can't decrypt. It only ever gets decrypted locally on your machine at the moment you type in your master password.

      Why would you want Lastpass? Because (1) it's really convenient - 99% of the time you want to enter a password it's the password to a web-page, and LastPass is already there; (2) you've heard from lots of security professionals that lastpass security is adequate.

    • by idji ( 984038 )
      Keepass users are more tech-savvy than Lastpass users. Different customers.
    • I'd use FreePAVE [pave.software] instead; nicer UI (no damn trees) a search feature that actually works, SQLite database, XSalsa20 instead of AES, yadda yadda. But mainly the search thing.

    • Because LastPass just works on Macs and iPhones, while KeePass is a major pain to set up (I tried following a number of tutorials when I tried it, but was never successful, YMMV).

  • by Dr. Crash ( 237179 ) on Wednesday November 02, 2016 @09:52AM (#53198843)

    Which leaves us with the interesting question of LastPass's business model.

    1) Advertising? Knowing every site you visit - AND YOUR PASSWORD?

    2) "We have a benefactor". Yeah. Except that maybe that benefactor is the NSA. Or is it the GRU? Or is it the MSS (China's NSA)?

    No matter how I slice it, I can't figure out an angle that isn't kinda creepy.

    • by Githaron ( 2462596 ) on Wednesday November 02, 2016 @10:17AM (#53198995)
      There are still features exclusive to premium and enterprise users: https://lastpass.com/features/ [lastpass.com]
    • by Nemyst ( 1383049 )
      1) They don't know your password. You should read more before commenting

      2) Their benefactor is LogMeIn. To them, LastPass is another tool in their arsenal to court corporations, and corporate LastPass usage is not free.
    • This, more than anything else, may prompt me to switch. Not that handing my money over is any kind of guarantee of privacy, but if you're giving away nearly your entire product then it means you're making money some other way. And I'm not so sure I trust that "other way" not to be in conflict with my privacy.

    • It's advertising. Though to be fair, they don't know your passwords.
    • My assessment is their goal is two-pronged. The first is to amass the majority of this market and get even more people to embrace cloud password storage. Secondly, at some point in the future they will roll out a paid "premium" service that will help offset the costs they've been absorbing and move them into profitability. Given the expected low per-user cost I suspect it would have to be a *very* enticing service as to lure enough subscribers to move them into the black. Not sure what they could offer
  • Oh, so the NSA is paying them to make it free in exchange for a backdoor. So that the NSA can access the passwords of anyone who uses LastPass.

    • The thing is: you never know. They could be doing the right thing now, but maybe they aren't. Or maybe the company changes ownership or gets threatened by some agency or needs some "alternative" revenue stream. You would never know because you can't know exactly what they are doing.
  • When LastPass was bought out by LogMeIn, I was worried that they would discontinue the service, however this seems even worse. Because in general if you're not the customer, you're the product. And in this case you're the product with all passwords stored on the cloud.

    It might be time to move on to KeePass. Then again the mobile versions are not 100% from the source. So even that is a tough decision.

  • For me, KeepassX compiled with Qt 4 or 5 does the job. I store its encrypted wallets on the cloud. Linux, Android, Windows, and Mac all work with it. What's LastPass got that I should be interested in?

    • by Sneftel ( 15416 )

      Not a ton. LastPass has better 2FA support, and you might prefer one UI to the other, but ultimately the two solutions are pretty similar in approach.

  • https://www.humblebundle.com/l... [humblebundle.com]

    Last Pass is part of the "LifeHackers" Humble Bundle. Cost just under $8 for it (and others).

    Guess that's okay because it's charity right?

    But the $1 for Directory Opus is a great deal.

  • Why is this going to fking CNET instead of the LastPass blog? Here is the actual article https://blog.lastpass.com/2016... [lastpass.com]

A triangle which has an angle of 135 degrees is called an obscene triangle.

Working...