cancel
Showing results for 
Search instead for 
Did you mean: 
dahacouk
Active Contributor

Re: Combine LastPass Authenticator With Password Manager App

Really sorry to say this but in the light of recent events LastPass (management and technical) have shown a lack of care and competence in keeping our data safe. Assuming that this is still the case, don't do anything too radical in one go. So, take it slowly. Test and retest. Have a staged roadmap that we can all see, comment on and buy into. So, don't combine the apps straight away but provide a link that enables TOTP to be suggested and filled by the LastPass browser extension. And get that right first before moving on. And don't leave unencrypted backups of your whole business on old servers.

AKHBGT
Contributor

Re: Combine LastPass Authenticator With Password Manager App

I'm concerned as having them separate makes sense, and why is that?

 

I want my Vault separate than the App.  Often we need the App to authenticate into the Vault, if you combine them, how do you restore?  We have users use a diff factor to get into vault, then download App, then restore app settings from Vault, then re-activate using their App LP authentication again.

 

If you take that 2step away, it makes it harder to get into the vault to establish the process cleanly to restore/reinstall.

 

I'd love to say I'd like LP to consider a user guide on how to recover/restore and what MFA/2FA would need to be activated to make that a smooth process, but I know that's expecting something that won't be produced unless it's a partner org (like mine). 😞

weejayrane
New Contributor

Re: Combine LastPass Authenticator With Password Manager App

Because I really don't want to put all of my eggs in one basket, I prefer them to be apart. I would like to see the authenticator sync secrets across devices and encrypt them. thaumcraft

Thorz
Active Contributor

Re: Combine LastPass Authenticator With Password Manager App

In the light of the developments after the latest security breach where Lastpass show an absolute lack of clear and honest communication with their users and lack of care about their customers' privacy and security of their data I strongly recommend:

 

  1. If you are still a user and have still not left the boat, leave this company as fast as you can. There are several password managers out there that offer stronger security models than LP at this time, and even more importantly, clear and honest communication with their customers without just trying to cover their a$$ with halv truth statements where lots of info is left untold giving their users a false feeling of security when in reality a huge number of customers are at the moment at a high risk of been victims of their vaults been cracked (PBKDF2 password iterations count as low as 5000, 500 or even 1 in a huge number of vaults in 2023?)
  2. Delete your LP account and vault from their servers and change your most important logins ASAP, specially if you are one of those unlucky souls that had a low number of password iterations at the time the hackers got away with all the LP's customers' vaults
 
weejayrane
New Contributor

Re: Combine LastPass Authenticator With Password Manager App

I can't decide between the choices. I'd love to see TOTP suggested when asked by a desktop or mobile app or website. And if this can only be accomplished by combining them into a single app, excellent. Yes, if you combine the apps, there will be a problem with 2FA for LastPass itself. balenaetcher aniyomi saikou

Aurion60
New Contributor

Re: Combine LastPass Authenticator With Password Manager App

I'm getting old and trying to keep up with, technical, I've been into computer for the last 25 years, but it slow creeping up on me too fast, and NON understand all this new technology, please left as be for now.