top | item 43296909

(no title)

dathery | 11 months ago

It would probably be more accurate to say that LastPass has the information to decrypt your vault if they can guess your password. By contrast 1Password would need to both guess your password and guess your personal secret key. The latter is effectively impossible assuming the key generation was well-implemented. The trade-off is that users must keep track of their own secret keys.

discuss

Everdred2dx|11 months ago

How does that work with sharing vaults between devices?

pigbearpig|11 months ago

You have to provide the secret key to each device on initial setup. After that, you just need your password.

panick21_|11 months ago

What if in lastpass you have 2FA?

TingPing|11 months ago

2FA has nothing to do with the encryption, if that data is leaked.