|
|
|
|
|
|
by chrisfosterelli
3813 days ago
|
|
|
> I'm not sure how difficult it would be to brute force into 1Password locally but either way it's a low benefit game compared to the potential access with a compromise to a cloud based scenario like LastPass. I'm not sure if you're familiar with how Lastpass works in general, but all of the data you store with Lastpass is encrypted in almost an identical manner to your 1password vault. They can't read your passwords. A "compromise" of Lastpass would require brute forcing each user's vault in order to gain any actual passwords, which would require an extraordinarily long time. I know it sounds concerning saying "put all your passwords in the cloud" but the reality is that it's no different than using 1Password with sync enabled. |
|
|
Except that a users LastPass vault lives in the "cloud" so that a compromise of that password can likely open the door and makes it a more enticing target to begin with. Compared the likely hood of merely getting at the 1password vault (assuming it's not synced to the cloud) being a significant barrier.
Again, for me this discussion is educational, I'm curious how having this data in the cloud could ever be considered more secure than local storage.