Slashdot Mirror
Popular Password Manager LastPass Doubles Price of Its Premium Plan, Removes features From Its Free Service Tier (neowin.net)
An anonymous reader shares a report: In November, LastPass made a big change to its service, allowing users to keep track of their passwords across all their internet-enabled mobile and desktop devices, free of charge. In addition to the free tier, the cross-platform password manager - available on iOS, Android, and Windows 10 -- also offered a Premium plan with additional features, priced at $12 per year. Today, LastPass announced another wave of changes to its lineup for individual users -- but this time, the changes are unlikely to be welcomed with open arms by its customers. LastPass Premium has now doubled in price to $24 a year, which includes "emergency access, the ability to share single passwords and items with multiple people, priority tech support, advanced multi-factor authentication, LastPass for applications, and 1GB of encrypted file storage," along with all the other features of the Free tier. In a statement, the company said, "While LastPass Free continues to offer access on all browsers and devices and the core LastPass password management functionality, unlimited sharing and emergency access are now Premium features. Free users will be able to share one item with one other individual.
Format:
# SomeShittySite
username / password
# AnotherShittySite
username / password
# AThirdShittySite
username / password
$0/year. You can have this "service" for free.
"Lastpassholes hobble free tier, jack prices"
FT headline FY.
Never understood the whole, "here Internet, take my passwords" mentality anyway.
Shocked I tell you.
#1 get them hooked
#2 get their passwords
#3 ????
#4 profit !!!!
That post is almost illegible. Did you do that on purpose?
And please, don't start crying about unicode
“He’s not deformed, he’s just drunk!”
that are just as good. Don't think that LastPass is the single condition for storing your passwords securely.
A hosted 1GB of storage is kinda dinky compared to all the providers where one can get cloud storage but the infrastructure to provide it properly isn't all that cheap. I can't help but wonder why they thought to tack this on to their service.
whatâ(TM)s the aim of a âoestoryâ
Seriously, does OP type their responses into MS Word, then post them here?
Once you become dependent on cloud services, they are no longer in your service, you are in theirs.
Furthermore I can't comprehend why anyone would think such a service is safe to use in the first place. Typical 'Cloud' service: Get you used to it, then rip the rug right out from under you. Also, as previously stated: Why would anyone think something like this is safe or a good idea in the first place? Let a bunch of faceless strangers on the Internet keep all your passwords for you?
Big surprise. I used them because they were decently priced and useful. I got annoyed when I had to start paying for my wife's account because they stopped letting you use the free version on mobile. Now they're doubling the price and their browser extension has become a shitpile of slow-loading crap.
So where's the open source alternative? I don't want to go back to a GPG encrypted text file. Or will everyone *please* implement U2F with yubikeys already? It's nearly 2018...
I just renewed recently while it was still $12/year. I feel that $24/year is a bit high. But on the other side, I would never need any of the premium features. That said, I'm happy to pay $12 per year for their service to help a great company. Lastpass has been solid and their service is indispensible.
then you spend to much fricking time online.
I subscibe to a number of online services small enough that I can remember all my passwords. Old school brain memory is the ultimate available-on-all-my-devices-and-unhackable service.
Password managers are like all those people who seriously try to make us believe that they really need all those two dozen credit cards in their wallet. They don't.
I've been using LastPass for many years. I used to use Password Safe, which is strictly local. But they had me at "all popular platforms including Linux".
I have no objection to the price increase. They deserve it, and no doubt will use the money to make the product even better.
Is that Perl?
Trolling is a art,
Says someone obviously grammar challenged, & can't tell whether or not a headline is a question. Betteridge's law only applies to headline questions that have a simple yes/no answer
Not a bad idea, if one is afraid of the browser quitting any time and eating that composing time w/ it. A lot of people, after being burned, adapted this policy. And yeah, it's perfectly legitimate to scream about Unicode: Android, iOS and even Windows 10 supports it, but Slashdot doesn't. And renders posts in ridiculous ways out here.
I was a Premium user since they launched. The changes to the free tier last year caught me by surprise, and sure enough, since I had no reason to pay for Premium I stopped. I remember getting an automated questionnaire as to why I stopped being a Premium customer and I explained clearly that they now offered the full feature set I was interested in in the free tier.
Now they're apparently changing it so that one feature I want (emergency access) becomes part of the Premium package. Fair enough, they'll get me back as a Premium customer. LastPass is one of those tools I happily pay for, no questions asked.
it's in my head
I've used KeePass for years now, and while I don't have all the fancy password sharing features I do have my passwords, in a format I trust, available on my PCs and phone. I haven't yet seen a reason to switch.
Not a bad idea, if one is afraid of the browser quitting any time and eating that composing time w/ it. A lot of people, after being burned, adapted this policy. And yeah, it's perfectly legitimate to scream about Unicode: Android, iOS and even Windows 10 supports it, but Slashdot doesn't. And renders posts in ridiculous ways out here.
Actually, I *did* type it in Word on Windows 10, but what's interesting is I pasted it into Notepad and replaced all the Unicode, but apprently Notepad really didn't replace them...
If you want news from today, you have to come back tomorrow.
Just use open source KeePass to hold your passwords and use DropBox to sync your encrypted database between computers/phones/tablets. Works great between Windows, iOS, and Android at least. http://keepass.info/
Is PINS.exe still a secure option ?
I don't thinks its being maintained but was very handy a number of years ago.
So why not use a local app and cloud storage service? I use Keepass and NextCloud but could easily use GoogleDrive or DropBox or somesuch. The encrypted file doesn't take up that much space and you can sync it to whatever device you want.
I just use gandalf as my password everywhere. If they require letters and digits then I use gandalf1.
If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
That's a nice password list you've trusted us to hold for ya. It'd be a real shame if anything happened to it.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
In other news, people still use services what that store all the keys to the kingdom...and now, those services have extended to sharing your passwords to others. :sigh: it's like laziness and lack of security is a virtue these days...
I will when they remove the emoticons
The millennial that doesn't like most of the stuff designed for millennials.
That's a very strange browser if it quits without any warning. I have posted here more than 100 posts, real posts and not spam, but haven't experienced my browser quitting or crashing without any warning. Maybe my OS is more stable? Didn't experience a browser crash since the past 3 years.
p.s
Seriously, I don't use any ad-blocker, no Java, no Flash only using JavaScript + hand edited my hosts files after importing 24 MB of junk sites.
I am on XP and browser is FireFox and currently having 7 slashdot tabs open on my browser and taskmgr is telling me I have consumed 330 MB out of 4 GB of total RAM.
Android, iOS and even Windows 10 supports it, but Slashdot doesn't.
Yes, and that is a feature. There is no need to take unnecessary risks.
“He’s not deformed, he’s just drunk!”
Definitely not Perl, looks like COBOL to me.
It doesn't help matters that the edit box in which one creates such posts will happily accept such characters as input and display them appropriately there.
File under 'M' for 'Manic ranting'
That part is not a feature. The text box should sanitize input also, or maybe not since it is not stored on their server yet. That's where preview comes in? And it's a bit trickier in journals, but I did find a preview that works there.
“He’s not deformed, he’s just drunk!”
If I'm understanding things right, what they're doing is basically pulling some features out of Free and making them Premium only (I'm ok with this), but they're doubling the price of Premium without actually adding any additional benefit to the users.
I cancelled my Netflix account when they tried this same stuff lo those many years ago. I understand the need to raise prices, but generally speaking, a naked money grab doesn't tend to go over well with users, A moderate raise in the yearly price, ok, not that big of a deal, but when you mark up 100% without adding any benefit, yeah, thanks, but no.
Thankfully, I've had my solution in place for years. KeePass is also multi platform and I just sync the database among my devices (started out with Dropbox, then Google Drive, now I use the Synology Cloud Sync stuff on my NAS in order to keep all my Cloud Synced stuff private)
Fuck you, fish tits.!!!.
It was pretty obvious this was going to happen when they were bought by LogMeIn last year as they have a history of buying good, useful things and jacking up the price. That's why I bought 5 years of Premium subscription as soon as the purchase by LogMeIn was announced. I'm actually surprised it's only a 100% increase so far.
You can't trust closed source, proprietary software, full stop. It may be ethical and secure today but how will you know when that changes if nobody but the company selling you the software/service can do a security and privacy audit? And what if they get a national security letter one day and push an update that sends all your passwords and usernames to the NSA?
Debate is a form of harassment. Do not question my truth.
I switched to EnPass, which runs locally on your machine (encrypted) and a browser addon uses a websocket to connect the two. Which means it doesn't inject itself into every page like Lastpass. Also LastPass tends to cause Firefox to take fits.
EnPass runs on pretty much any platform:
Sorry not sorry. If you value something then pay for it. If you are using a free service that is no longer available for free, well you should be happy you got the free ride in the first place.
Obviously they felt as a company they have a product people want and are seeing less of a need to give away free services. They may lose some non-paying customers, but that isn't exactly going to hurt the revenue now is it?
A piece of paper and pencil. It's amazing how much money I can save for password access and also have access to said passwords when the Internet takes a crap.
You have to save it in notepad (ansi) and close/reopen it for the "washing" to take effect.
If that happens to you, maybe you should change your browser to one that isn't shit.
Why not use Wordpad instead, which saves you from those formats? I know that Notepad has that annoying scrollovers that won't go to the next line until carriage return. But Wordpad does it right
It's happened to me occasionally w/ both FireFox and Chrome. Not on Slashdot, though, but other sites.
XP?!? That can't be secure online, can it?
Here's my encrypted password generator:
#include <stdio.h> // cc -o tinyrg32 tinyrg32.c ; ./tinyrg32 'Test vector' // ./tinyrg32 --hex --numbers 'A tiny list of numbers' // ./tinyrg32 --binary-stream 'Es la niña' // This is public domain, but NO WARRANTY
#include <stdint.h>
#define b(z) for(c=0;c<(z);c++)
#define d f[c*13]^=s;e[16+c]^=s;
uint32_t c,e[19],f[40],g=19,h=13,r,s,t,n[19],i,k;void m(){int c,j=0;b(12)f
[c+c%3*h]^=e[c+1];b(g){j=(c+j)&31;i=c*7%g;k=e[i++];k^=e[i%g]|~e[(i+1)%g];n
[c]=k>>j|k<<(32-j);}for(i=39;i--;f[i+1]=f[i])e[i%g]=n[i%g]^n[(i+1)%g]^n[(i
+4)%g];*e^=1;b(3)e[c+h]^=f[c*h]=f[c*h+h];}int main(int p,char**v){char *q=
v[--p];b(40)f[c]=e[c%19]=0;for(;;m()){b(3){for(s=r=0;r<4;){t=*q++;s|=(t?t&
255:1)<<8*r++;if(!t){d;b(17)m();b(p?8*p:8){if(~t&1)m();s=e[(t&1)+1];r=(p&3
)-2?c:1;b(4){i=s;if(p&4){i&=31;i+=i<8?50:89;}printf(p==2||p&4?"%c":"%02x",
255&i);s>>=8;}c=r;if((++t%8==0||(p&22)==2)&&p-2)puts("");}return 0;}}d;}}}
Point being, no one needs Lastpass to make strong passwords that are not duplicated.
They haven't even figured out how to implement proper support on mobile devices and they are raising the price? Hah! On Android, their only real 'supported' method is using Android accessibility services that drastically slow down the device and reduce battery life (it's meant for REAL accessibility needs like blindness, etc.). If you try to avoid that option your only other options are a glitchy Android 2.3 era keyboard or their internal browser. Thanks, but no thanks. The password manager built into Chrome or the Samsung browser may be far more limited, but it works better than lastpass...don't get me started on the fact that Google is rumored to be toying with a universal password manager for Android internally. (I don't mention Apple here because outside of a Macbook Pro and Mac Mini I use for dev work, I don't use anything Apple creates at all, so I have no idea if the situation is better/worse over there).
If you believe that I have a bridge to sell to you.
Both are free and cross platform. But honestly, a Dropbox account works just as well if you're not too paranoid.
...and what do you believe my dear?
That XPocalypse is true?
That the latest Windows don't have bugs?
That the latest and shiniest Windows is more secure than the previous ones?
I am sure internet browsers in Win10 or Win8.1 would only crash if you keep on lambasting M$ on your posts. Now which OS is more secure? LOL
I am curios when my Win8.1 consumes 3.8 GB (3,800 MB) of RAM on startup while my XP machine uses only 82 MB of RAM. Which one has more bugs logically?
You can steal quotes from [insert favourite film] and prefix the weight of an electron on to it and be done.
Why waste your time with stupid cloud shit when all it takes is not being lazy to (remember and) type 20+ words?
No attacker is going to know a single thing about your password, nothing. (unless the sysadmin can't understand unicode so limits you to ASCII / base62 usually, making brute forcing trivial)
They can't just shit out a magical dictionary attack that will know exactly how long your password is or what characters you used.
It needs to brute force every iteration of every word. If you use non-English words, for example, most dictionary attacks fail horribly.
Even if you use the longest password ever, it won't matter if the hashing system used by the sysadmin is weak, in which case hash collisions can occur with passwords that could be well under a tenth of the size.
Never mind the DB being leaked. That'd be worse.
Don't spout "but I have like 10 passwords I need to remember!", I have well over 50 of the damn things memorized.
Stop being lazy and actually use your damn brain. Offloading memory-tasks to other systems makes you provably dumber the more you rely on them.
Someone raised their price. Who cares?
It used to be called STRIP and they have been around since Palm was popular. It doesn't sync to their servers. If you want to sync between devices you log into Dropbox or Google Drive or you can sync over Wi-Fi from the mobile device to the desktop app. It stores the passwords in an strongly encrypted file on your account.
The application itself could use polish but it is very stable and it does everything that I need. It lets you add custom fields. The developers are quick to respond to queries. It's stable, quick, easy to use, and secure.
n/t
If your idea of secure is relying upon updates, then you are an idiot and you don't know what the fuck you are doing. ANY operating system can be hardened against attack.
password just stopped working in the middle of the night
LastPass websites now demanded a full year payment up front to get access to MY PASSWORDS on their servers
Disabled person SSD cut off from online banking in the lat on Friday night
Not one email sent to warn me
Its called wordwrap, it was added in win98 or something, just turn it on ffs
you're a fucking COCK SMOKER