undefined | Better HN

0 pointschakalakasp8y ago0 comments

What was unreliable about Lastpass? Anecdotally, I've been using it for quite a while and have never had it fail. 2FA, easy sharing, dead mans switch to give access to a loved one if they request the access and enough time elapses, etc. Security wise, despite several network breaches (which should be expected to happen at some point with any networked computer system), the database has remained secure because they do encryption right, and when Tavis sussed out bugs in the client they patched them immediately. You moved from a highly reliable service with a subscription to another service with no subscription that turns out to kinda suck for your needs. No shame in switching back to what works.

You can switch again to a homerolled solution like you are suggesting, but you're not going to "no deal with this shit", you are now your own IT for this shit you homerolled.

0 comments

1 comments · 1 top-level

nextlevelwizard8y ago

I wasn't trying to imply that Lastpass was somehow unreliable, I simply switched away from Lastpass since it had yearly subscriptions VS. 1Passwords 'pay-once-own-for-life' model.

But since now 1Password is changing their subscription model if I were the use Lastpass, what would happen if one day they would shutdown their services? At least with 1Password I have (or had) my local vault in Dropbox/iCloud/whatever and I could still use it.

So next step beyond that would be to roll "my own" (obviously using software written by actually smart people) password management system which used open source and self hosted parts. That way I factor in upfront the "I have to deal with this shit" part and it doesn't come as a surprise years along the line when the company I'm relying on goes belly up, or changes their business strategy or whatever. Obviously it's not perfect, but I have to consider things. It's not wise to just rush into things.

j / k navigate · click thread line to collapse