But no matter how many crypto vulnerabilities I find in LastPass I can't change @thorsheim's or @jmgosney's mind on using LastPass. So torn…
-
Show this thread
-
I've said (for a long time) I'm leaving Lastpass. And I am.
2 replies 0 retweets 0 likes -
Replying to @thorsheim @dashlane and
but you still use it even tho I found a padding oracle that reports to LastPass in an error code the byte value that failed.
1 reply 0 retweets 2 likes -
Replying to @Sc00bzT @thorsheim and
That proves they are 1 not good at crypto and 2 fucking horrible at common sense.
1 reply 0 retweets 3 likes -
Probability of a random or targeted attack against me would be what, on a scale from 1 to 4? ;-)
1 reply 0 retweets 0 likes -
If you own LP's web server why not have it attack all active users until you're caught. Also LP's web servers have been owned multiple times
1 reply 0 retweets 1 like -
Replying to @Sc00bzT @thorsheim and
Is there a password manager to recommend to mere mortals that isn't a steaming pile of crapto?
5 replies 0 retweets 2 likes -
-
Replying to @jedisct1 @CiPHPerCoder and
"... Enpass is the world's best password manager..." Comments Scoobz? :D
4 replies 0 retweets 1 like -
Replying to @thorsheim @jedisct1 and
https://www.enpass.io/security/ 24,000 rounds of PBKDF2?
3 replies 0 retweets 1 like
It’s a sensible choice. Don’t forget that it has to work on cheap mobile devices as well.
-
-
Replying to @jedisct1 @thorsheim and
No, that's fine, I was just curious what was the underlying hash function. I'm assuming SHA1 since they use HMAC-SHA1 elsewhere.
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.