Tuesday, February 28, 2012

LastPass: THE Password Manager

Password managers have always been something I have stayed a way from, wrote policies against and warned others about....until I found LastPass.


With the right security configuration in place, LastPass is everything I can trust in a password manager. I have been a Premium user of LastPass for a couple of years now and here are a few highlights that make me want to tout it:


Local Encryption - The password file encrypted/decrypted is handled locally only. The only thing stored on their servers is the ecrypted payload, they have no way of decrypting your data.


Two-Factor Authentication - I started using YubiKey with LastPass and have since switched to Google Authenticator. Support for two-factor authetication is key to this. This way, no matter how long or complex my password, a second time sensitive and randomly generated pin is also required to gain access. Since I am trusing this with all my online passwords, two-factor authentication is essential.


Synchronization - The encrypted payload is shared and kept synchronized in the "cloud". LastPass offers many ways of accessing and using LastPass across mobile devices, public computers and even offline.


Password Sharing - I am able to share my password with others. I can give another LastPass user the ability to use my saved credentials to access particular sites. I can also restrict that sharing so that the other user cannot alter or even see the password if I choose.


Security/Strength - I only ever need to remember my master password and use my two-factor pin to access any website. This allows me to make sure that every password that I set on a site can be as long and complex as the site will allow and LastPass will remember it, and never using a duplicate or unsecure passwords again.


LastPass with a strong master password and two-factor authentication has changed my opinion about using a password manager. With it, my online credentials are now more secure than ever before.


Try it out:
http://www.lastpass.com



No comments:

Post a Comment