Neither can LastPass. All your data is encrypted before it's sent to their serve... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		w1ntermute on Dec 14, 2010 \| parent \| context \| favorite \| on: The Dirty Truth About Web Passwords Neither can LastPass. All your data is encrypted before it's sent to their servers. It's only decrypted client-side.

ZoFreX on Dec 15, 2010 [–]

Right, but you have to take their word for that (not exclusive to LastPass, goes for any service like this). So ultimately, you still have to trust them.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact