Sorry, this offer has expired. Set up a deal alert and get notified of future deals like this. Add a Deal Alert

Expired Hot Deals

Sorry, this offer has expired.
Set up a deal alert and get notified of future deals like this.
Set up a Deal Alert
Humble Bundle

1 year of LastPass (and other apps) for BTA (curr 9.04$)

  • Last Updated:
  • Jul 5th, 2017 4:04 pm
Deal Addict
User avatar
Sep 3, 2012
1858 posts
627 upvotes
TO

1 year of LastPass (and other apps) for BTA (curr 9.04$)

Deal Link:
Price:
9.04
Savings:
3.71 USD
Retailer:
Humble Bundle
If you're only getting it for LP, you save 3.71 USD (just auto-renewed, was charged 12.75 USD on LP.com)

If you're also interested in the other apps, well, then the value is even better.

In any case, you're supporting charity.
Wins
2015: 69.99$
19 replies
Deal Addict
User avatar
Jun 8, 2008
3470 posts
728 upvotes
GTA
That's cool, but I recommend keepass as it's the most secure and 100% free
Sr. Member
Aug 27, 2013
782 posts
538 upvotes
cloud
Good man you're. I did not renew LP Premium 'coz they've made all the features I use free for all.
Deal Guru
User avatar
Apr 9, 2006
10596 posts
15787 upvotes
GT-EH
jarko wrote: That's cool, but I recommend keepass as it's the most secure and 100% free
I've tried lastpass, but I went back to using keepass.

I just don't like how lastpass stores all your information on their servers (even tho it's encrypted).
Public Mobile Customer, $34/50GB CAN-US
"It is possible to commit no mistakes and still lose. That is not a weakness; that is life." - Picard
Deal Addict
User avatar
Sep 3, 2012
1858 posts
627 upvotes
TO
jarko wrote: That's cool, but I recommend keepass as it's the most secure and 100% free
Genuinely curious: how does the mobile app fare? Can it also fill in forms in the browser and in apps for you or add copy notifications when it can't? That's the one thing I use LP for the most.
Wins
2015: 69.99$
Sr. Member
Aug 27, 2013
782 posts
538 upvotes
cloud
I tried KeePass when LP the company got bought, but KeePass is just inferior in every way in usability. I'm all for open-source and free software but in this case, I keep LP and was happily paying for LP Premium, until they made it free.
Deal Fanatic
Aug 3, 2014
6089 posts
4352 upvotes
cmchiu wrote: I tried KeePass when LP the company got bought, but KeePass is just inferior in every way in usability. I'm all for open-source and free software but in this case, I keep LP and was happily paying for LP Premium, until they made it free.
At least KeePass databases are not stored in NSA hard drives by default.
Deal Guru
User avatar
Apr 9, 2006
10596 posts
15787 upvotes
GT-EH
hvwozq wrote: At least KeePass databases are not stored in NSA hard drives by default.
These stories are what concerns me more:

https://www.theverge.com/2017/3/22/1502 ... -passwords

https://www.theguardian.com/technology/ ... nerability
Public Mobile Customer, $34/50GB CAN-US
"It is possible to commit no mistakes and still lose. That is not a weakness; that is life." - Picard
Sr. Member
Aug 27, 2013
782 posts
538 upvotes
cloud
It's stories like these that keep me LastPass, and I quote from your first link:

“Very impressed with how fast @LastPass responds to vulnerability reports,” he wrote. “If only all vendors were this responsive.”

Nobody is perfect and no software is perfect. It's what vendors do to address bug reports that set them apart.

Btw if the NSA is after you, KeePass isn't gonna save you.
Sr. Member
Sep 28, 2003
900 posts
529 upvotes
cmchiu wrote: It's stories like these that keep me LastPass, and I quote from your first link:

“Very impressed with how fast @LastPass responds to vulnerability reports,” he wrote. “If only all vendors were this responsive.”

Nobody is perfect and no software is perfect. It's what vendors do to address bug reports that set them apart.

Btw if the NSA is after you, KeePass isn't gonna save you.
Those articles seem to say that the vulnerability was intercepting your communication with LastPass servers. Keepass is serverless. You keep the password file locally and there is no need to communicate with the outside world to retrieve your password. It's that kind of story that makes Keepass sound like the better option.

Can you elaborate what usability features make LP better?
Deal Guru
User avatar
Apr 9, 2006
10596 posts
15787 upvotes
GT-EH
Sarc wrote: Those articles seem to say that the vulnerability was intercepting your communication with LastPass servers. Keepass is serverless. You keep the password file locally and there is no need to communicate with the outside world to retrieve your password. It's that kind of story that makes Keepass sound like the better option.

Can you elaborate what usability features make LP better?
Bingo... someone gets it. :lol:

Rather than set up your password database on a third-party server by default, it creates your database as a portable file, that is 256-AES encrypted, to store it however you want. You can carry it with you, along with the Keepass application, on a portable flash drive and have access to it all the time, or you can store it in a cloud service like Google Drive or Dropbox and access it from there.

You can also set it up so that it requires a key file as well as the key password to unlock the database. If the specified key file is not present on the system then the database cannot be opened. Store the file on a flash drive and not on any computer and this will make it so that your database can only be opened if you plug the flash drive in. This is analogous to 2 factor authentication!

There are also lots of plugins to add more capabilities, Android app, iPhone app, browser extensions, all kinds of stuff to make Keepass work for you.
Public Mobile Customer, $34/50GB CAN-US
"It is possible to commit no mistakes and still lose. That is not a weakness; that is life." - Picard
Deal Addict
User avatar
Jul 18, 2010
2210 posts
696 upvotes
Edmonton
GiOBoY wrote: Bingo... someone gets it. :lol:

Rather than set up your password database on a third-party server by default, it creates your database as a portable file, that is 256-AES encrypted, to store it however you want. You can carry it with you, along with the Keepass application, on a portable flash drive and have access to it all the time, or you can store it in a cloud service like Google Drive or Dropbox and access it from there.

You can also set it up so that it requires a key file as well as the key password to unlock the database. If the specified key file is not present on the system then the database cannot be opened. Store the file on a flash drive and not on any computer and this will make it so that your database can only be opened if you plug the flash drive in. This is analogous to 2 factor authentication!

There are also lots of plugins to add more capabilities, Android app, iPhone app, browser extensions, all kinds of stuff to make Keepass work for you.
The 3rd party plug-ins and apps were what sketched me out about Keepass. I might trust Keepass, but I have no idea what's going on behind these scenes with the plug-ins and apps created by randoms on the internet. Also, I was keeping in in google drive anyways, so it's out there.
Sr. Member
Aug 27, 2013
782 posts
538 upvotes
cloud
Hey guys (or gals), to each his/her own. I know all the dis/advantages of KeePass vs LastPass and I've made a conscious choice to stick with LastPass. Yes I had set up KeePass to use a private key too. Thanks for educating the rest of the readers here.

I'll say, one thing in particular where KeePass is lacking, is credential sharing, where I can share my GCR/ebates credentials with everyone in the household and have my password changes auto-propagate to everyone. This is one of the usability-vs-security tradeoffs I'm making.

I'll leave it at that.
Deal Addict
Jan 10, 2017
1536 posts
981 upvotes
GTA
So I'm just going to clarifies people's biased opinions and give you guys a security perspective biased opinion.

I'm currently a Information Security Analyst, working and in School in my field.
There are some trade offs for having usability and security all in one.

I will address the huge complaint that I have about Keepass that people do not know.

Keepass Password Safe v 1.31 has only been audited. Once. No other plugins, variants, or third-party clones have ever been audited or follow the testing standards to ensure the software is up to par as the KeePass Password Safe standards.

Now that is out of the way, I will keep things short to make things easy (for me).

KeePass is wonderful for offline hermits who do not need their database on every new device or who are techsavvy to run their own syncing instances.
If you are willing to use the pure audited KeePass Password Safe, you will only have the ability to copy, or auto-type your info into logins.
Sacrificing security for usability, you can use third party plugins to enhance your experience which are made by one man teams on their spare time, usually taking donations to fund their time investment into an awesome project.
In the past, keepass has not been reliable to me but I think that had to do with the syncing software which would cause my vault to wipe.

KeePass is well built, has a large enough team to build and push patches for vulns a lot better than some password managers trying to cash grab the market.
The huge benefit is keeping the database offline, its one step to prevent an all out password reset on your accounts, but this point is negligible if you use a very strong master password with 2FA.

Lastpass, it has a big red target on it, its like Windows during the XP days where malware grew like rabbits, you will hear more about new vulnerabilities out of it than any other password safe product.
The biggest note here is that all vulnerabilities were found by Security Researchers, with many other security researchers and especially Google's zero day team throwing cycles (human work hours * money), they have chipped and toned LastPass to what it is today, that's including all official variants and plugins. Think about how that compares to sticky password, or your favorite password manager? Where no researcher bothers to check for vulns.
This is one big package of user-friendly conveniences, with a huge budget funded both by security conscious individuals (you) and enterprises who have deep pockets.
The huge demand to ensure they are always the best and secure password safe with large amounts of money can allow them to do yearly audits, and have the reaction to respond to vulnerabilities as fast as they can.
This type of service offers the ability to put your old mom onto as they only have to worry about remembering their master password.

Dashlane, OnePassword, KeePass, and LastPass are the best and most notable password managers out there.
I would recommend LastPass to anyone, I would recommend KeePass to those extra paranoid as long as its with the official client.
Deal Addict
Nov 8, 2007
2727 posts
522 upvotes
Markham
Lastpass is free unless u need the premium features

https://helpdesk.lastpass.com/lastpass- ... evices/#h1

LastPass Premium includes:

Family password sharing (up to 5 users, with the Shared Family Folder)
1GB encrypted file storage
Priority customer support
Extra security with Premium two-factor authentication (YubiKey and Sesame)
Desktop application logins (with LastPass for Applications)
Desktop fingerprint identification
An ad-free vault
Deal Addict
User avatar
Jun 19, 2010
2423 posts
1948 upvotes
Calgary
I've been using 1password forever. The database is kept on my Dropbox and is AES-GCM-256 encrypted. It also works on every device I have. Less chance of a single provider getting hacked (as Lastpass was in 2015).
In your pants!
Deal Addict
User avatar
Jun 8, 2008
3470 posts
728 upvotes
GTA
TheWalrus wrote: Genuinely curious: how does the mobile app fare? Can it also fill in forms in the browser and in apps for you or add copy notifications when it can't? That's the one thing I use LP for the most.
I have android but it's good, there's a couple free apps and they feature quickunlock if you want it too. Also I store my .key file (needed for unlocking db) on my pc and my database file on my cloud storage. So that's how I sync it with all devices and pc's. The database file is useless without the key so even if stolen no one would be able to open it decrypt it

Firefox, chrome and every browser has multiple auto type keypass addons too. The info the other guy gives is outdated. Keypass 2 has been out for ages.
Deal Addict
Jan 10, 2017
1536 posts
981 upvotes
GTA
TheWalrus wrote: Genuinely curious: how does the mobile app fare? Can it also fill in forms in the browser and in apps for you or add copy notifications when it can't? That's the one thing I use LP for the most.
jarko wrote: Firefox, chrome and every browser has multiple auto type keypass addons too. The info the other guy gives is outdated. Keypass 2 has been out for ages.
Just note that all mobile apps are unofficial versions and not built by the KeePass team, most of the recent flak that lastpass was getting was from browser plugins being able to be intercepted which now have been patched. Same type of vulnerabilities are most likely to be apparent on the third party plugins.

https://www.theregister.co.uk/2017/02/2 ... ment_apps/
There's more vulnerabilities being found but especially on Android but KeePass is avoided due to it not having an official client.
As long as you don't have malware on your Android device, you should be fine using KeePass variants.

Top

Thread Information

There is currently 1 user viewing this thread. (0 members and 1 guest)