undefined | Better HN

0 pointscraftyguy8y ago0 comments

> What makes LastPass inferior to these other options?

Well, for one, the very first sentence of the article here.

0 comments

The article whose "exploit" requires handing your unlocked phone to someone?

> (Edit #1, 7.30pm GMT): A lot of people are saying that this flaw requires physical access. However, as I pointed out above, you don’t need physical access, a maliciously installed application can easily access the activity and capture the code.)

strictnein8y ago

So you don't need physical access you just need to install a malicious application? Okay then.

Why can one application even explore and access the views of another?

1 more reply

craftyguyOP8y ago

You'd be surprised how many people (not on HN) use extremely weak (or no) unlocking mechanisms for their devices. It overlaps with the set of folks who would want to use LastPass because of how easy it is.

saosebastiao8y ago

Do you know what is easier than using last pass for people who use weak unlocking mechanisms? Using the same password everywhere.

I'd be surprised if there was any overlap at all where you claim.

1 more reply

SubiculumCode8y ago

And which just got revealed,and will probably be fixed.

Someone12348y ago

The article that is literally not about Lastpass's password manager?

Lastpass Authenticator is not their password manager. It is a Google Authenticator competitor...

craftyguyOP8y ago

If they have a history of shitty security practices (this app), then why should we fully trust other apps they make?

Someone12348y ago

You're going to double down on completely misreading the article and misquoting as to why their Password Manager is insecure? Come on...

1 more reply

j / k navigate · click thread line to collapse

0 comments

strictnein8y ago

The article whose "exploit" requires handing your unlocked phone to someone?

larvaetron8y ago

strictnein8y ago

So you don't need physical access you just need to install a malicious application? Okay then.

Why can one application even explore and access the views of another?

1 more reply

craftyguyOP8y ago

saosebastiao8y ago

Do you know what is easier than using last pass for people who use weak unlocking mechanisms? Using the same password everywhere.

I'd be surprised if there was any overlap at all where you claim.

1 more reply

SubiculumCode8y ago

And which just got revealed,and will probably be fixed.

Someone12348y ago

The article that is literally not about Lastpass's password manager?

Lastpass Authenticator is not their password manager. It is a Google Authenticator competitor...

craftyguyOP8y ago

If they have a history of shitty security practices (this app), then why should we fully trust other apps they make?

Someone12348y ago

You're going to double down on completely misreading the article and misquoting as to why their Password Manager is insecure? Come on...

1 more reply

j / k navigate · click thread line to collapse