Hacker News new | past | comments | ask | show | jobs | submit login

AFAIK LastPass is an online password manager, i.e., you do not only trust a software vendor like AgileBits for 1Password, but you trust your actual passwords to an online provider. Is that wise given that LastPass could get hacked or asked by authorities to provide your passwords – if there's not already an existing legal access channel?



As said elsewhere, passwords stored in LastPass are encrypted locally. They do not store your password so they officially don't have a way to decrypt your passwords. I agree that it's a matter of trust as your passwords are still stored on their servers.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: