

Why No One Should Use LastPass - elasticdog
http://www.tobtu.com/lastpass.php

======
atoponce
I don't understand why people prefer to store their passwords in the cloud.
Even if they are encrypted on the wire, and encrypted on the disk. The moment
a discovery is made that makes that encryption algorithm "broken", is the
moment your passwords and logins are at risk to someone you don't control.

Passwords should be encrypted locally, and stored locally. If AES-256 is
really just a Caesar cipher on drugs, and is broken tomorrow, I won't need to
scramble getting my passwords reset. For those relying on LastPass however....

------
elasticdog
I'm curious to see the community's reaction to these observations about
LastPass and also hear what alternatives people use (KeePass and variants,
1Password, pass, pwsafe, etc.).

~~~
frostmatthew
That looks nearly a year old, the post isn't timestamped but the dates from
the emails are from September 2012.

