Expired Hot Deals

[Humble Bundle] 1 year of LastPass (and other apps) for BTA (curr 9.04$)

  • Last Updated:
  • Jul 5th, 2017 4:04 pm
[OP]
Deal Addict
User avatar
Sep 3, 2012
1854 posts
627 upvotes
TO

1 year of LastPass (and other apps) for BTA (curr 9.04$)

Deal Link:
Price:
9.04
Savings:
3.71 USD
Retailer:
Humble Bundle
If you're only getting it for LP, you save 3.71 USD (just auto-renewed, was charged 12.75 USD on LP.com)

If you're also interested in the other apps, well, then the value is even better.

In any case, you're supporting charity.
Wins
2015: 69.99$
19 replies
Deal Addict
User avatar
Jun 8, 2008
3199 posts
538 upvotes
GTA
That's cool, but I recommend keepass as it's the most secure and 100% free
Sr. Member
Aug 27, 2013
512 posts
236 upvotes
cloud
Good man you're. I did not renew LP Premium 'coz they've made all the features I use free for all.
Deal Fanatic
User avatar
Apr 9, 2006
8971 posts
11457 upvotes
GT-EH
jarko wrote: That's cool, but I recommend keepass as it's the most secure and 100% free
I've tried lastpass, but I went back to using keepass.

I just don't like how lastpass stores all your information on their servers (even tho it's encrypted).
What's the best credit card for...
Behold, true glory. #PCMasterRace!
[OP]
Deal Addict
User avatar
Sep 3, 2012
1854 posts
627 upvotes
TO
jarko wrote: That's cool, but I recommend keepass as it's the most secure and 100% free
Genuinely curious: how does the mobile app fare? Can it also fill in forms in the browser and in apps for you or add copy notifications when it can't? That's the one thing I use LP for the most.
Wins
2015: 69.99$
Sr. Member
Aug 27, 2013
512 posts
236 upvotes
cloud
I tried KeePass when LP the company got bought, but KeePass is just inferior in every way in usability. I'm all for open-source and free software but in this case, I keep LP and was happily paying for LP Premium, until they made it free.
Deal Fanatic
Aug 3, 2014
5552 posts
3468 upvotes
cmchiu wrote: I tried KeePass when LP the company got bought, but KeePass is just inferior in every way in usability. I'm all for open-source and free software but in this case, I keep LP and was happily paying for LP Premium, until they made it free.
At least KeePass databases are not stored in NSA hard drives by default.
Sr. Member
Aug 27, 2013
512 posts
236 upvotes
cloud
It's stories like these that keep me LastPass, and I quote from your first link:

“Very impressed with how fast @LastPass responds to vulnerability reports,” he wrote. “If only all vendors were this responsive.”

Nobody is perfect and no software is perfect. It's what vendors do to address bug reports that set them apart.

Btw if the NSA is after you, KeePass isn't gonna save you.
Member
Sep 28, 2003
323 posts
30 upvotes
cmchiu wrote: It's stories like these that keep me LastPass, and I quote from your first link:

“Very impressed with how fast @LastPass responds to vulnerability reports,” he wrote. “If only all vendors were this responsive.”

Nobody is perfect and no software is perfect. It's what vendors do to address bug reports that set them apart.

Btw if the NSA is after you, KeePass isn't gonna save you.
Those articles seem to say that the vulnerability was intercepting your communication with LastPass servers. Keepass is serverless. You keep the password file locally and there is no need to communicate with the outside world to retrieve your password. It's that kind of story that makes Keepass sound like the better option.

Can you elaborate what usability features make LP better?
Deal Fanatic
User avatar
Apr 9, 2006
8971 posts
11457 upvotes
GT-EH
Sarc wrote: Those articles seem to say that the vulnerability was intercepting your communication with LastPass servers. Keepass is serverless. You keep the password file locally and there is no need to communicate with the outside world to retrieve your password. It's that kind of story that makes Keepass sound like the better option.

Can you elaborate what usability features make LP better?
Bingo... someone gets it. :lol:

Rather than set up your password database on a third-party server by default, it creates your database as a portable file, that is 256-AES encrypted, to store it however you want. You can carry it with you, along with the Keepass application, on a portable flash drive and have access to it all the time, or you can store it in a cloud service like Google Drive or Dropbox and access it from there.

You can also set it up so that it requires a key file as well as the key password to unlock the database. If the specified key file is not present on the system then the database cannot be opened. Store the file on a flash drive and not on any computer and this will make it so that your database can only be opened if you plug the flash drive in. This is analogous to 2 factor authentication!

There are also lots of plugins to add more capabilities, Android app, iPhone app, browser extensions, all kinds of stuff to make Keepass work for you.
What's the best credit card for...
Behold, true glory. #PCMasterRace!
Deal Addict
User avatar
Jul 18, 2010
2139 posts
629 upvotes
Edmonton
GiOBoY wrote: Bingo... someone gets it. :lol:

Rather than set up your password database on a third-party server by default, it creates your database as a portable file, that is 256-AES encrypted, to store it however you want. You can carry it with you, along with the Keepass application, on a portable flash drive and have access to it all the time, or you can store it in a cloud service like Google Drive or Dropbox and access it from there.

You can also set it up so that it requires a key file as well as the key password to unlock the database. If the specified key file is not present on the system then the database cannot be opened. Store the file on a flash drive and not on any computer and this will make it so that your database can only be opened if you plug the flash drive in. This is analogous to 2 factor authentication!

There are also lots of plugins to add more capabilities, Android app, iPhone app, browser extensions, all kinds of stuff to make Keepass work for you.
The 3rd party plug-ins and apps were what sketched me out about Keepass. I might trust Keepass, but I have no idea what's going on behind these scenes with the plug-ins and apps created by randoms on the internet. Also, I was keeping in in google drive anyways, so it's out there.
Sr. Member
Aug 27, 2013
512 posts
236 upvotes
cloud
Hey guys (or gals), to each his/her own. I know all the dis/advantages of KeePass vs LastPass and I've made a conscious choice to stick with LastPass. Yes I had set up KeePass to use a private key too. Thanks for educating the rest of the readers here.

I'll say, one thing in particular where KeePass is lacking, is credential sharing, where I can share my GCR/ebates credentials with everyone in the household and have my password changes auto-propagate to everyone. This is one of the usability-vs-security tradeoffs I'm making.

I'll leave it at that.
Deal Addict
Jan 10, 2017
1245 posts
576 upvotes
GTA
So I'm just going to clarifies people's biased opinions and give you guys a security perspective biased opinion.

I'm currently a Information Security Analyst, working and in School in my field.
There are some trade offs for having usability and security all in one.

I will address the huge complaint that I have about Keepass that people do not know.

Keepass Password Safe v 1.31 has only been audited. Once. No other plugins, variants, or third-party clones have ever been audited or follow the testing standards to ensure the software is up to par as the KeePass Password Safe standards.

Now that is out of the way, I will keep things short to make things easy (for me).

KeePass is wonderful for offline hermits who do not need their database on every new device or who are techsavvy to run their own syncing instances.
If you are willing to use the pure audited KeePass Password Safe, you will only have the ability to copy, or auto-type your info into logins.
Sacrificing security for usability, you can use third party plugins to enhance your experience which are made by one man teams on their spare time, usually taking donations to fund their time investment into an awesome project.
In the past, keepass has not been reliable to me but I think that had to do with the syncing software which would cause my vault to wipe.

KeePass is well built, has a large enough team to build and push patches for vulns a lot better than some password managers trying to cash grab the market.
The huge benefit is keeping the database offline, its one step to prevent an all out password reset on your accounts, but this point is negligible if you use a very strong master password with 2FA.

Lastpass, it has a big red target on it, its like Windows during the XP days where malware grew like rabbits, you will hear more about new vulnerabilities out of it than any other password safe product.
The biggest note here is that all vulnerabilities were found by Security Researchers, with many other security researchers and especially Google's zero day team throwing cycles (human work hours * money), they have chipped and toned LastPass to what it is today, that's including all official variants and plugins. Think about how that compares to sticky password, or your favorite password manager? Where no researcher bothers to check for vulns.
This is one big package of user-friendly conveniences, with a huge budget funded both by security conscious individuals (you) and enterprises who have deep pockets.
The huge demand to ensure they are always the best and secure password safe with large amounts of money can allow them to do yearly audits, and have the reaction to respond to vulnerabilities as fast as they can.
This type of service offers the ability to put your old mom onto as they only have to worry about remembering their master password.

Dashlane, OnePassword, KeePass, and LastPass are the best and most notable password managers out there.
I would recommend LastPass to anyone, I would recommend KeePass to those extra paranoid as long as its with the official client.
Information Security Analyst
---
Fido $15/3GB + voip.ms $1/M + 3cx PBX voip push client $0 + Google Server vps $0 = $16/Month voip solution with no battery drain.
Thread

Top