(reason: 550 5.4.1 [security@lastpass.com]: Recipient address rejected: Access denied) 
-
Show this thread
-
Replying to @taviso
FIPSmode Squad Retweeted Tavis Ormandy
almost exactly two years ago:https://twitter.com/taviso/status/769378052254015488 …
FIPSmode Squad added,
3 replies 0 retweets 8 likes -
Replying to @anthonypants
Hah, it turns out the majority of the crazy is concentrated around one particular vendor. I will definitely not look at them again, I don't even want to say their name.
3 replies 0 retweets 14 likes -
Replying to @taviso @anthonypants
Are you able to share your password management solution and/or vendor of choice?
1 reply 0 retweets 5 likes -
Replying to @EggcellenceLLC @anthonypants
KeePass and KeePassX are both good choices. If you really must use an online one, at least LastPass are responsive to researchers and have a competent security team, I would use them.
6 replies 6 retweets 35 likes -
You seriously consider LastPass competent? While they are responsive, they seem remarkably bad at producing secure software. As in: they fix the exact issue you report them, without checking for similar scenarios or adjusting their development process. Attack surface is massive.
2 replies 0 retweets 3 likes -
I consider them competent, I've reported some pretty complex issues and found they handle them well. Attack surface is definitely massive, I always recommend KeePass or just use a book if that's too complicated.
2 replies 1 retweet 10 likes
People tell me they're going to use an online password manager and that's that, so i don't know, at least use one where they have a fully staffed security team who can handle reports quickly? Shrug.
-
-
Your statement just seemed rather odd, because it's definitely possible to produce an online password manager without creating a massive attack surface, and at least some vendors do it while also processing vulnerability reports well.
2 replies 0 retweets 0 likes -
I have not shared your experience
1 reply 0 retweets 5 likes - 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.