![]() But if someone had a weaker, more easily decipherable master password, then there was some concern.Ĭarey: And I think they're right about that. I think they seemed to feel that if someone had a strong non-dictionary master password, then they were pretty much in the clear. I believe LastPass said they were worried about brute force attacks against peoples' master passwords. If someone were to access the server from the outside and download your data to their own PC, they would still need to know your master password in order to decrypt that information. We don't store your master password anywhere in the cloud, so you have that same security that you have on your PC. How is that secure? What can you say to users who've opted for that service and may be concerned about their passwords being stored in the cloud?Ĭarey: Well, we believe our RoboForm Everywhere service is completely secure. So then let's turn our attention to the RoboForm Everywhere option. But even more than that, hackers by their nature aren't going to go after individual PCs if they can go after a server with 10,000 users. OK, so if the passwords are stored just on the PC, then it's up to the users to keep them protected and secure.Ĭarey: On the PC they have a master password, and then it would be up to the users to secure their PCs. It'll be more secure in the sense that the likelihood of a hacker hacking into an individual computer is going to be less than 10,000 users with all their passwords in the cloud. It's going to be more secure on your computer naturally than it would be in the cloud. But primarily, we have always focused on the computer as being the hub for your information. We have an optional RoboForm Everywhere service, which allows you to sync to the cloud. It's encrypted on your computer and it's always available from your computer. Assuming there was some kind of loss of data or breach at LastPass, can you describe RoboForm's security methods? What do you say to RoboForm users who may now be concerned about storing their data and passwords using a similar method?Ĭarey: First and foremost, the biggest difference between us and LastPass is that RoboForm by default stores your information on your computer. Yeah, and that is more the point I wanted to get to. ![]() But I appreciate that you're writing it from our standpoint because no one's really thinking about "well, who else is out there and what are they doing and how are they protecting. But I don't think it would be fair for me to comment on it because I'm not really sure what happened yet. It appears someone had access to their servers for a certain amount of time and that there could've been a transfer of data. I've read some of the articles and I read their blog, and they said there was an anomaly. I'm not even sure LastPass really knows what happened yet. I don't think anybody really knows what happened yet. Q: Bill, from what you may know of what happened at LastPass, what was your take on it?Ĭarey: That's a good question. To answer those questions and learn how RoboForm strives to keep its own customers' data secure, CNET recently spoke with Bill Carey, RoboForm's vice president of marketing. ![]() But is there an inherent vulnerability in relying on a single service to keep track of all your passwords? Should RoboForm users be concerned about the possibility of a similar "anomaly" exposing any of their data? Bill Carey, RoboForm's vice president of marketing After LastPass reported a possible security breach and potential theft of some of its users' master passwords last week, we wondered what it meant for other password managers, such as RoboForm.īoth LastPass and RoboForm help you create and manage strong passwords to log into the increasing array of secure Web sites that we all juggle these days. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |