Topic: removed - page 3. (Read 5584 times)
They found an outgoing stream from one of their servers that they couldn't identify, but no evidence evidence that it was anything more than that. To their credit, they disclosed that promptly & recommended folks change their master passwords just in case.
didn't last pass recently get hacked?
Tip for LastPass users: In order to provide password reset services without knowing their user's password, LastPass by default saves a disabled One Time Password locally for Account Recovery. To actually use that feature, you would need to be able to log in to your email account to activate the disabled OTP. So, if you want to be able to take advantage of this feature, you must make sure you're able to access the email account without using LastPass. (either choose an email password you can remember or save the email password in another password manager, such as PasswordSafe.) Short of that, users might as well disable that feature on LastPass preferences pages. Here is description of reset process: http://helpdesk.lastpass.com/account-recovery/
Alternative to KeePass: I recently found some open source software called PassWord Safe here http://passwordsafe.sourceforge.net/
Something kind of cool about it is: you can lock it with OTP using Yubikey(s), instructions on the yubikey website. The web page says its two factor authentication but I haven't had a chance to test that it can be configured to actually require both the Yubikey OTP and a static password.
Something kind of cool about it is: you can lock it with OTP using Yubikey(s), instructions on the yubikey website. The web page says its two factor authentication but I haven't had a chance to test that it can be configured to actually require both the Yubikey OTP and a static password.
By the way, it would be better if you could give a step by step walkthrough for lastpass and keepass. Include the use of 2 factor authentication as master passwords are easily to filch though keyloggers or leaked (look at Bitcoinica's Friday 13th hack!)
Lastpass has the grid 2 factor authentication as well as Google Authenticator for free users. Also, recommend your readers to use some sort of anti-keylogger like Keyscrambler on Windows.
Lastpass has the grid 2 factor authentication as well as Google Authenticator for free users. Also, recommend your readers to use some sort of anti-keylogger like Keyscrambler on Windows.
John, 2 factor authentication for the services that provides it? I'm not familiar with it myself, in fact. As for, lastpass and keepass, it's pretty simple, so I'll jump on that. I will pop the anti-keylogger and Kayscrambler in OP, but as yet again, I am not really familiar with the two, to do a how-to on them.
2 Factor authentication for Lastpass. Either use the Grid 2 factor authentication (http://helpdesk.lastpass.com/security-options/grid-multifactor-authentication/) or Google Authenticator (http://helpdesk.lastpass.com/security-options/google-authenticator/) . LastPass itself is worthless if you use only the Master Password as that's easily leaked.
By the way, it would be better if you could give a step by step walkthrough for lastpass and keepass. Include the use of 2 factor authentication as master passwords are easily to filch though keyloggers or leaked (look at Bitcoinica's Friday 13th hack!)
Lastpass has the grid 2 factor authentication as well as Google Authenticator for free users. Also, recommend your readers to use some sort of anti-keylogger like Keyscrambler on Windows.
Edit: And edit your signature; it's Technique not Techniqe
Lastpass has the grid 2 factor authentication as well as Google Authenticator for free users. Also, recommend your readers to use some sort of anti-keylogger like Keyscrambler on Windows.
Edit: And edit your signature; it's Technique not Techniqe
If you could duplicate the post here, I can sticky it. Stickying a link is kind of useless sometimes as people rarely will click through one.
removed
Jump to: