cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Active Contributor

Make data export feature encrypted

I'm truly amazed that export data feature exports all login in plain text and don't even ask the Master Password to confirm exportation. This is a truly security flaw, anyone who gets in your computer and have the chance to open your unlocked safe they can export all your passwords and copy to a flash drive or whatever, please fix this.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
LogMeIn Manager

Re: Make data export feature encrypted

Admins on Team or Enterprise accounts have the option to make settings like this mandatory, otherwise it is up to the user's preference.

 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!

View solution in original post

9 REPLIES 9
Highlighted
LogMeIn Manager

Re: Make data export feature encrypted

Hi @jcassol,

 

There is already an option to export your LastPass data to an encrypted file, if you enable Require Master Password Re-prompt anyone using the Export Data options will be asked to provide the Master Password first.

 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
New Contributor

Re: Make data export feature encrypted

I agree. All of your data is exported to a CSV file stored on your hard drive or worse into the cloud. The CSV file needs to be put into a spreadsheet to be worked with separate from the Lastpass.  A way to review and repair your passwords needs to be built into Lastpass to maintain the security of your account passwords.

Highlighted
Active Contributor

Re: Make data export feature encrypted

That's nice didn't know about that. But encrypted file should be a must on, including typing your Master Password. The option to export in plain text in my opinion should not be available, unless if you always input your Master Password even if you select the option "Do not ask the Master Password for 'x' hours".

 

 

Highlighted
LogMeIn Manager

Re: Make data export feature encrypted

Admins on Team or Enterprise accounts have the option to make settings like this mandatory, otherwise it is up to the user's preference.

 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!

View solution in original post

Highlighted
Active Contributor

Re: Make data export feature encrypted

Thanks for the attention GlennD. I hope LassPass team reconsider this option to be mandatory to users too.
Highlighted
Active Contributor

Re: Make data export feature encrypted

How do you enable encrypted output for users exporting their CSV? 

Highlighted
LogMeIn Manager

Re: Make data export feature encrypted

Hi AvesAttorney, when a user exports their data they see options for a CSV file or and encrypted file. All users will have those options unless they have an admin that has disabled exporting data for their account.

 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Highlighted
Contributor

Re: Make data export feature encrypted

I wouldn't want my default export file to be encrypted necessarily (having an option is good which LP already has). The problem with encrypted file is that it can only be viewed once it is imported to back to your LastPass account. If I need to sort and organize my passwords I would want it unencrypted  so that I can use other applications like Excel to view my passwords.

Highlighted
New Contributor

Re: Make data export feature encrypted

I second @maverick747 's thoughts - encryption should be an optional feature (and perhaps on by default) but it should not be forced. Forcing encryption means that the only way to read the data is with LastPass, which creates a Catch 22 in case the reason for the need to access the backup would be some kind of problem with the LastPass software or service.

An UNencrypted export and backup MUST be an option.