Y
Hacker News
new
|
ask
|
show
|
jobs
by
pwman
4449 days ago
NO! It's all done locally via JavaScript -- we never want to get your master password / encryption key -- we go through great pains to ensure that never happens.
1 comments
MichaelGG
4449 days ago
But there's like, no way for a customer to verify that. It's good practise, but a customer should not rely on that as part of their security model.
link
joosters
4448 days ago
It's a lastpass.com site and you are already implicitly trusting them by using LastPass. How does this make it less secure?
link