Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

On a printout and even inside the vault itself. You only need the key the first time you unlock the vault on a device. After that the key can be encrypted locally with just the master password or kept in the TPM (or the platform's equivalent).


But if you don’t have the printout and a device with the encrypted key, you cannot access anything. I’m not sure users are going to be happy.


To lose your passwords, you have to lose literally every device you have LastPass on and your printout and any E2EE backups of the key (e.g. to iCloud.)


Yes but it’s convenient to access your online accounts when you don’t have access to your devices and your printout.


You should never ever open up any password manager on a device you don't trust and own.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: