[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lastpass

 > From: Flora <http://www..family/~flora>
 > Date: Mon, 18 Jun 2018 05:19:39 -0400
 >
 > > It says here that this is unsafe:
 > >
 > > https://security.stackexchange.com/questions/17940/is-it-safe-to-generate-passwords-online
 > >
 > > Not sure of veracity of the answer, however.
 > 
 > I'm selecting generate on your device, do not send across the internet.

OK, but it is subject to the same caveats mentioned in the above answer,
namely that Javascript loaded into your doesn't necessarily need to adhere
to what it says it does (do not send across the internet).

Especially since you are already generating the password on your device
and therefore depending upon the device's random number generators, it
seems like using LastPass's generator would be slightly safer since
everybody and their mother uses LastPass, and someone would've recognized
a problem if there were one.

 > > Why don't use LastPass's generator?  Seems like, assuming you have a good
 > > random source, generating on your device of choice is safer.  Just my
 > > intuition, 'tho.


Why do you want this page removed?