Quick question, folks. Do you back up your passwords, etc. from Lastpass locally? If so, in what format? I have not at this point but thought it might be good to do so. Thoughts?
Thanks!
Get yourself a secure virtual briefcase. I recommend VeraCrypt with a good strong password.
Use the built in feature of LastPass to export your passwords to CSV and store that file into your secure virtual briefcase. (In the plugin menu it’s Account Options | Advanced | Export | LastPass CSV File )
You could also use 7-Zip to encrypt it, if you are careful, and again use a good quality password.
2 Likes
Dumb question but why would you need to back them up?
1 Like
I have an encrypted spreadsheet with my passwords. Saved to an encrypted flash drive and locked in a safe. Also as PHolder said, I use 7-Zip.
1 Like
In case something happened to LastPass or to your account? Perhaps LastPass will get severely hacked and all data lost. Perhaps you’ll get hit by a bus and be in traction for a year and your LastPass account will be deleted. Who knows… better to be safe than sorry… and to not have a single point of failure.
3 Likes
Along these lines…Do you allow Google to keep passwords? (Only accessible with the account owners password?
I have my account linked to my wife’s account. If I am incapacitated, she can request access through last pass. If I fail to counter the request in, I think, 3 days, she gets full access.
2 Likes
LastPass exports to a CSV format, I believe, so that’s the format you would get from them.
If you value security, do NOT use the browser’s in-built password management. If there is ever any vulnerability in that part of the browser, it will immediately be targeted. Since you probably unlock it and leave it unlocked while the browser is running, you’re exposing a target to every Javascript script that runs on every site you ever visit. At least if you add LastPass (or other password managers) into the mix, there is a second line of defense.
Also, I only leave LastPass unlocked while I use it, then I log out. I personally don’t find typing my LastPass password a few times a day to be that big a deal.
1 Like
[quote=“PHolder, post:9, topic:7382”]
you’re exposing a target to every Javascript script that runs on every site you ever visit [/quote]
Are you saying that even if Google requires entry of Google password to reveal actual password for a site, other sights can see all my stored passwords? I think we are getting farther than my TWiT training has takin me.
I was saying that such a bug could be allowed to happen, in theory… not that I know there is a current bug that allows it. The point being that mal-doers would target the largest target… and Chrome is necessary no matter what extensions it also gets, so you’d start by targeting Chrome if you saw some opportunity.
1 Like
Lastpass keeps a local copy of the database on your devices, although I don’t know what you could do with it in the event of some of the failures you mention.
Thanks for the advice everyone. By the way, Firefox has issues exporting Lastpass data. It is known as I saw a thread on their support forum. Basically nothing happens when you attempt to export.
1 Like
No, I do not keep a local copy.
Old school. I print a hard copy and keep it in the safe. For that key info i want one non digital copy.