February 5th, 2010


Anyone have experience with LastPass?

I've been using KeyPass as my master password manager for a while now, and it's generally been okay, but I'm coming to the conclusion that local storage of the password file, to put it bluntly, sucks. I mean, it works, but I've wound up needing to keep the master copy on my keychain (so that I can enter new passwords from any computer), and cache copies in a bunch of places for easier access.

So I sat down and asked myself what I would require from a really *good* password manager. Ubiquity is clearly part of it: I want to be able to access the *same* password file from any computer. (Including, ideally, my phone.) Therefore, it needs to be online-hosted in some fashion. And it needs to be secure: I require that passwords be client-side encrypted, because I don't trust *any* company with my full password collection.

Today (while looking at Chrome's extension gallary), I stumbled across LastPass, and it seems to be what I want. Online storage; client plugins for damned near everything (including Android); highly rated; client-side encrypted. Costs real money, but that's actually a plus in my book: I am *much* happier doing business with a company when I understand their business model, and $12/year is a reasonable price for the service.

So before I go commit myself to this, I'm just curious about whether folks here have experience with it. Are there downsides you've heard about that are less obvious?