I'm sick of trying to remember all my passwords. LastPass looks like it would be cool but I have concerns: 1. Looks like it requires a browser add-on. So if I add it on to Chrome, but then one day Chrome is being an asshole and I switch to Firefox, then can I not sign into my shit? 2. Then what if I try them out for a month, switch all my old passwords to LastPass ones, then decide LastPass are assholes? Probably a hassle to go switch all my passwords back to "123butt$ex". 3. And my biggest fear: what if they decide to royally screw us like Photobucket did when they held your photos hostage unless you paid $400 or whatever it was? Do any of you use anything special for your password management?
Storing all your passwords in one location is a great idea. It's not like LastPass has ever been hacked before.
It's still better than the alternative. I use LastPass for everything, but I also set up a secondary 2FA through Google Authenticator for everything. That way, even if LastPass is hacked and compromised, all of my data and accounts are still secure. I never save any password to a device either and I have the same standards for all of my employees who access anything.
How does Google Authenticator come into the equation? Is that what you use to authenticate every time you log in to LastPass, to ensure nobody gets into your LastPass account? Or is it only a failsafe in case you forget your LastPass password?
If someone had access to my LastPass account, they still would not be able to log into anything without entering in the 2FA code, which is tied to a physical device and another piece of software. It creates a second layer of security.
I use it both when logging into LastPass and also when logging into any account with LastPass. Say, for example, I am logging into my Amazon FBA account. Here are the steps: 1. Log into LastPass with my LastPass password. 2. Enter 2FA from physical device from Google Auth. 3. Log into Amazon FBA with LastPass. 4. Amazon is also set up to require 2FA verification to log in. As you can see, it creates separate security checks on both sides, which vastly improves account and data security.
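Added example, not part of the original post: how the six-digit code in the steps above is derived from a secret held on the device (RFC 6238 TOTP, the scheme Google Authenticator implements), and why a password alone does not pass the login. The account record, `make_account`, `hash_password` and `login` are hypothetical names, and the secret is the public RFC 6238 test key.

```python
import base64, hashlib, hmac, struct

STEP = 30  # seconds each code is valid for (the authenticator-app default)

def totp(secret_b32, unix_time, digits=6):
    """RFC 6238 code (HMAC-SHA1) for a given moment."""
    key = base64.b32decode(secret_b32)
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify_code(secret_b32, code, unix_time, last_step=-1, drift=1):
    """Return the matching time step or None.
    Tolerates +/- drift steps of clock skew; refuses steps already used."""
    now = unix_time // STEP
    for step in range(now - drift, now + drift + 1):
        if step <= last_step:
            continue  # replayed or older code
        expected = totp(secret_b32, step * STEP)
        if hmac.compare_digest(expected.encode(), code.encode()):
            return step
    return None

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_account(password):
    """Constructed sample account; the secret is the RFC 6238 test key."""
    salt = b"constructed-salt"
    return {"salt": salt, "pw_hash": hash_password(password, salt),
            "totp_secret": base64.b32encode(b"12345678901234567890").decode(),
            "last_step": -1}

def login(account, password, code, unix_time):
    """Succeeds only when the password AND a fresh code both check out."""
    pw_ok = hmac.compare_digest(hash_password(password, account["salt"]),
                                account["pw_hash"])
    step = verify_code(account["totp_secret"], code, unix_time,
                       account["last_step"])
    if pw_ok and step is not None:
        account["last_step"] = step
        return True
    return False

if __name__ == "__main__":
    acct = make_account("vault-generated-password")
    print(login(acct, "vault-generated-password", "", 59))  # password only
    print(login(acct, "vault-generated-password", totp(acct["totp_secret"], 59), 59))
```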
The trick is to pick your favorite lunch meat then add a series of numbers after it. Like, if you like Ham, your password can be HAM12345. If you like Capocollo, it would be Capocollo12345. Sometimes I trick the hackers and skip a number. For instance, 12346. See what I did there?
Just follow these steps: 1 - use LastPass for everything 2 - use 2FA for LastPass and on EVERYTHING else 3 - let LastPass generate all of your passwords 4 - don't ever save a password to a browser/cookie/device 5 - don't write your passwords down anywhere 6 - set up a secondary email with 2FA and a separate LastPass as your backup if you need to securely recover any account. Congrats, you are secure.
Nah. I have it set up for all my work-related stuff + social media / email. Maybe I should roll everything into the same system, but eh.
I've used LastPass for years. It's an excellent solution. It is occasionally a pain in the ass but not as bad as finding out some mom and pop site stored your login credentials that you use for everything in an unsecured text file and now the password that you used for Gmail and your bank are being sold for bitcoin on the dark web. Even a half-assed effort at security is more than 99% of the world bothers with and probably makes you much safer than most.
I don't like the idea of the cloud having all my passwords. I have a desktop-based app that stores my passwords.