… until v8 when they removed important features, required all passwords to be stored in their cloud, making it impossible for security professionals and similarly minded folks to continue using it. In the past I have recommended 1P to thousands of people. LastPass current supports OTP but neither U2F nor the newer WebAuthn, which underpins macOS 13 Ventura’s Passkeys.Īs a very long time 1Password user & advocate, from v2 or maybe even v1, and PasswordWallet before that - I’ve seen PasswordManagers grow to better fit the use cases.ġPassword has been almost perfect. I feel like a features analysis is not enough I need to check for security issues as well.Ĭan you recommend a trustworthy source for security reviews of password managers?Īpparently, one of the security features to look for is FIDO’s Universal 2nd Factor (U2F)Īs opposed to One-Time Password (OTP) in order to prevent the user mistakenly typing a OTP into a phishing site thereby facilitating a Man-In-The-Middle (MITM) attack. My master password is strong but that’s not sufficient because of security implementation issues, some of which security experts have known about since at least 2015. My problem with LastPass is not features it’s security, which as you pointed out most TidBITS users (including me) can not evaluate for themselves. I can make a list of features that are important to me and LastPass has them. … each user needs to do their own analysis of which features are important to them, then see which have those features and the choices get narrowed down pretty quick.Īre not encryption or security experts…so users need to pick their poison based on features they require…and then make sure the master password for their vault is good enough…
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |