LastPass Goes Free, But Should You Be Putting All Your Eggs In One Basket?


There are two schools of thought when it comes to password management, create long and complex passwords that you can remember, or use a password management service like LastPass.

These services create a cloud based locker for complex passwords which aren't part of normal language. In effect making them all but unbreachable. Also because your password for each service is different a service level breach won't impact any of your other passwords.

In order to make encourage more people to use the service LastPass has announced that's its premium tier service, which allows you to access your passwords from just about anywhere, will be free to everybody.

That's great news - but proceed with caution, there is a definite downside to these sorts of service.

No individual provider should ever be considered completely secure. If you can access your passwords from the cloud, then a breach at LastPass, or any of its similar competitors, exposes every single password you have stored in the system.

Not that there's any question these services take security very seriously indeed, but if I were someone seeking to profit from stolen passwords this would be the mother lode, holding as it does, the keys to every user's kingdom all in one place.

If you really aren't good at password management LastPass is a good option for improving your personal security. If you are able to manage your own passwords without storing them anywhere I'd strongly encourage that you stick to managing them yourself, adding two factor authentication wherever you can.

0 comments: