Slashdot Mirror

← Back to Stories (view on slashdot.org)

LogMeIn To Acquire LastPass For $125 Million (lastpass.com)

Posted by Soulskill on from the consolidating-security dept.

An anonymous reader writes: LogMeIn has agreed to acquire LastPass, the popular single-sign-on (SSO) and password management service. Under the terms of the transaction, LogMeIn will pay $110 million in cash upon close for all outstanding equity interests in LastPass, with up to an additional $15 million in cash payable in contingent payments which are expected to be paid to equity holders and key employees of LastPass upon the achievement of certain milestone and retention targets over the two-year period following the closing of the transaction.

5 of 100 comments (clear)

  1. Re:Will Use Neither by Gaygirlie · · Score: 4, Insightful

    Having a company that collects passwords

    The quoted part never sat right with me, I've always felt somewhat icky about the idea of giving out all of my passwords to a company-controlled service. I don't know if it is rational to be wary of them or not, I certainly haven't heard of them doing anything nefarious or anything to earn it, but passwords and usernames are just so damn important that I just don't know if I'd want to hand the whole damn treasure-trove out to an unknown 3rd-party. I've always used Keepass 2.x to store my passwords -- the password-database is always in my control, and there are good, open-source apps for Keepass-databases for Windows, Linux, Android et.al.

  2. Re:Will Use Neither by Anonymous+Psychopath · · Score: 4, Informative

    Without you giving LastPass your master password and access to your two-factor authentication (you are using two-factor, right?), they couldn't tell you even one of your passwords if their lives depended on it.

    --

    Eagles may soar, but weasels don't get sucked into jet engines.

  3. Re:Get ready for high pricing by Shatrat · · Score: 5, Funny

    It doesn't seem to have worked for logging you into Slashdot, though.

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
  4. Re:Will Use Neither by chihowa · · Score: 4, Informative

    Without you giving LastPass your master password and access to your two-factor authentication (you are using two-factor, right?), they couldn't tell you even one of your passwords if their lives depended on it.

    So they claim, but since you're using black-box software provided by them to access your passwords that's a pretty specious claim. If the current binary that they provided to you doesn't harvest your access keys, the next one very well could (and most certainly would if their lives depended on it).

    Marketing claims may provide some hint at utility, but they shouldn't be conflated with an actual measure of security.

    --
    If you want a vision of the future, imagine a youtube comments section scrolling - forever.
  5. Re:That hardly matters by frovingslosh · · Score: 4, Insightful

    If LastPass was only a place that you stored an encrypted file that you created yourself and could only give it back to you in encrypted form, then what you say could be argued. The argument might or might not hold up, but it could be argued.

    But if you are using LastPass software on your own machine to do the encrypting and the decryption of the passwords and then logging in to sites that you want to be secure, then you have given up control.

    If you are too trusting to understand this, replace "LastPass" with "Chinese" or "N.S.A." in the above and read it again.

    --
    I'm an American. I love this country and the freedoms that we used to have.