DiscussWorldIssues - Socio-Economic Religion and Political Uncensored Debate - View Single Post

**sapedotru** · 05-06-2011, 02:06 AM

Definitely a "Not necessarily." If the passwords were stored on the service's servers in an un-encrypted manner, yeah.

But in the case of LastPass, everything's encrypted -- Even moreso if you use one of their methods of two-factor identification. Even if they got your master password, they'd also need the second factor for that to even be useful!

The problem with the two-factor encryption is that makes it only as secure as your e-mail as there's always the possibility to disable the second authentication. However, as you say everything is encrypted.

05-06-2011, 02:06 AM	#11
sapedotru Join Date Oct 2005 Posts 367 Senior Member	Definitely a "Not necessarily." If the passwords were stored on the service's servers in an un-encrypted manner, yeah. But in the case of LastPass, everything's encrypted -- Even moreso if you use one of their methods of two-factor identification. Even if they got your master password, they'd also need the second factor for that to even be useful! The problem with the two-factor encryption is that makes it only as secure as your e-mail as there's always the possibility to disable the second authentication. However, as you say everything is encrypted.
	Quote