There are a dozen or more password managers for Macintosh, Windows, Linux, Chrome, Android, and Apple iOS computers. LastPass has always had a good reputation for being one of the more secure password managers. That was proven once again recently when the Drug Enforcement Administration (DEA) demanded logins and physical and IP addresses, as well as communications between a user and LogMeIn, the owner of massively popular tool LastPass.
LastPass is an encrypted vault for storing passwords. The DEA was seeking information related to a LastPass customer suspected of dealing drugs via the dark Web and Reddit, according to a court-ordered search warrant detailing the request.
There was a problem with the request, however.
It seems that LastPass uses an encrypted vault for storing passwords. While the encrypted passwords and notes are stored on LastPass’ servers, even the LastPass employees cannot decrypt any user’s vault and therefore cannot read any of the contents of a LastPass vault. Court order or no court order, the DEA was unable to obtain the requested private information.
You can read the details in an article by Thomas Brewster in the Forbes web site at: http://bit.ly/2UdZ77d.
The next time you store a password or a text note in a password manager, ask yourself, “How secure is this password manger anyway? Can a government agency or a hacker in Uzbekistan obtain this information?” Then you should recall the Drug Enforcement Administration’s experience.
Disclaimer: I have been a LastPass user for years.
- Facebook Showed Me My Data Is Everywhere And I Have Absolutely No Control Over It
- New York Times: The Privacy Project
Categories: Online Privacy & Security
Leave a Reply