|
|
|
|
|
|
by infinitelurker
3810 days ago
|
|
|
>the reality is that it's no different than using 1Password with sync enabled. Except that a users LastPass vault lives in the "cloud" so that a compromise of that password can likely open the door and makes it a more enticing target to begin with. Compared the likely hood of merely getting at the 1password vault (assuming it's not synced to the cloud) being a significant barrier. Again, for me this discussion is educational, I'm curious how having this data in the cloud could ever be considered more secure than local storage. |
|
|
It's not, I didn't mean to give that impression. It increases your attack surface, which is a tradeoff that 99.99% of users are happy to make for the convenience of having instant and strongly secured access to all of their passwords from anywhere.
I meant to point out that this is no different than how the vast majority of 1Password users configure their database: with Dropbox syncing.
For me, this is a required feature to using a password manager. If you do not need this feature, local storage only is better. However, I'll argue that if you have that level of concern then you should also not be using any closed source password manager in the first place.