falobasic.blogg.se - Yubikey lastpass free

Using a password manager is better than not using one and is a simple, cheap solution to improve the security of virtually any application/service you need a password for. The question is: are the risks acceptable to you? Refer to a sample attack tree for defeating two-factor: After all, if RSA got hacked and the attackers were able to use this to get into military contractors then no two-factor mechanism is invulnerable. Yubikey, as states, could also be vulnerable. So yes all software can have vulnerabilities. Lastpass has had a XSS vulnerability and a suspected intrusion recently.

Who are you concerned would want your passwords? Opportunistic attackers or targeted governments / organized crime?.

Are you storing the whole password in there or a unique value to which you add a passphrase?.

What passwords are you protecting in Lastpass?.

The complex answer: it depends on your threat model and risk appetite.