LastPass OR 1Password ??

[Lee_Bo]

Unless I'm missing something, the LastPass security breach was 4 years ago, which is what your article is talking about (and I hate that it doesn't have a date).

4 years, 4 weeks, 4 hours. It was breached.

The OP asked for recommendations, I gave mine.

If you don't like 1Password, don't use it. If you like 1Password, then use it.

 

[mogelijk]

4 years, 4 weeks, 4 hours. It was breached.

The OP asked for recommendations, I gave mine.

If you don't like 1Password, don't use it. If you like 1Password, then use it.

One of the first questions asked by the OP was, "I'm just wondering though... why is it that mostly 1Password gets reviewed when it comes to Password Safe apps?" I gave an answer to that question.

Second, you stated, "the security breach not too long ago." Four years ago, at least for most of us, was several years ago. I merely added some context -- I find it hard to see why that is a bad thing.

Last, I don't think I said not to use one of the other -- I said both are highly rated (which they are) and, maybe I should have actually stated it rather than imply it, that both are good choices.

 

[imwjl]

I've had 3 users have terrible compromises - luckily on their time but there was some spillover to the enterprise because I had to do resets.

I do a regular lunch meeting area security and enterprise admin associates, and I work with a CISSP. A few weeks ago I had a Mac user call about a password issue and learned she was totally compromised with a really good spoof I'd read about in security circles.

With my 700+ users and my associates in places with thousands of users we see and dissect compromises that occur. Holding private data and passwords in a spreadsheet or text file is not judicious behavior.

I'll add a yes to the 1Password advertising. I don't see LastPass advertising in the same way.

The LastPass issue brought up gave me confidence via the way they handled it. Honesty, fast, and forced password resets. My own two users who were completely screwed with a compromise only knew about it when it was too late. One thankfully gone from the company was always a smarmy know it all to me because she had a level 1 help desk job years ago. The foolish woman somehow got her cel phone # ported via the compromise she had. Think about how well your two factor will work if someone else ports your cel phone?

 

[maj71303]

Neither as I use iCloud Keychain and Enpass for my needs. Enpass doesn’t store or sync anything on their servers and you can use any cloud to store things yourself.

 

[imwjl]

Neither as I use iCloud Keychain and Enpass for my needs. Enpass doesn’t store or sync anything on their servers and you can use any cloud to store things yourself.

The good systems encrypt and decrypt locally. I don't know about Enpass but both owners of LastPass have always been good about documenting key matters including how the company could disappear and you'd have your data.

Most popular FAQa at bottom of linked page.

https://forums.imore.com/e?link=htt...php%3Fcmd%3Dshowfaq%26id%3D425&token=CwN5vh55

 

[maj71303]

With Enpass you control your data so everything that goes good or bad is on you the user since they don't store copies of anything including the encryption key / password you use to encrypt everything. Everything is encrypted and decrypted locally on device just as you said and where you store your vault is up to you as they do not. They don't have all the bells and whistles of the others in features wise though but I like it like that.