Subscribe to our A Free Password Manager that's Just as Good as Roboform
I never thought I'd see it happen; a free password manager as good as Roboform and maybe even better.
Unlike Roboform which is a utility that runs on your PC, LastPass uses a web service that works in combination with a program that runs on your PC.
It's a smart approach:
The webservice means your passwords are accessible from different computers: PCs, Macs or Linux boxes.
The stand-alone program that runs on your computer means that you can access and use your passwords even when you are offline.
But the thing I like best about LastPass is that, just like Robboform, it automatically fills in login forms as soon as you visit a website. This makes it quite different from other password managers that merely store your login information and require you to copy and paste your credentials.
And LastPass stores more than usernames and passwords, it also stores webform infomation, in a similar manner to Roboform's Passcards. It also securely stores your notes.
The security and privacy of your infomation is protected by strong 256 bit AES encryption. Furthermore your encryption key and master password never leave your computer so not even the folks at LastPass can read your data.
Plugins are available for both Internet Explorer and Firefox so it will not only work on Windows systems but Mac and Linux systems running Firefox.
Some other features:
- Portable version available
- Can import information from most other password managers including RoboForm
- Can import IE and Firefox passwords
- Has a useful "Favorites" list
- Partial iPhone integration
- Support planned for Safari and Chrome (but not Opera)
All up, a lot to like here. Goes straight to the top of my list as the best free password manager.
Gizmo
Delicious
Digg
StumbleUpon
Please rate this article
Lastpass now provides multi-factor authentication protection for free users (was a premium service). It is a double layered protection in case your password gets stolen as it requires you to enter a PIN from a specific grid after entering your master password.
I had the LastPass setup in a folder. Whenever I used to go to that folder, the folder stopped responding for sometime, just sort of hanged... and after sometime things would be normal. I deleted LastPass... folder behaves normally.
Anyone else experienced that? What can be the cause for this?
I wanted to like LastPass. I wanted to live my life on the web. I tried it for a week. In my opinion, it's not quite as good as RoboForm - although maybe I'm too used to the latter's quirks. LastPass worked with over 99% of my sites, but did struggle with a couple (yes, posted to the LastPass forum). RoboForm worked with all of them - and seemed less intrusive. Free is nice, of course (unless that's your income), but RoboForm is hardly expensive. I'm glad I tried it. I may try it again in the future.
what a shopping center for hackers...
https://lastpass.com/safety.php
That's developers marketing, why should I trust it? A lot more convincing is the following page...
Another Great Online Password Manager: http://mitto.com
Free and easy to use.
-Lisa B.
Here's another one that's just as good: Billeo http://www.billeo.com/page/homepage.jsp?sitename=Billeo It keeps all your information safe as it is VeriSign secured and TRUSTe certified. Other than managing passwords it also sends reminders when bills are due, auto fills forms and saves receipts. It is a free browser plug-in, now available for Firefox 3.5 as well. Very handy!
I totally would not use a password manager based in part or in whole online, encryption or not. If you have cyberstalkers, as I do, they can just see the site where you store your passwords, contact the site covertly (warrant or not!) and convince them to hand over your information. This is reality, people today have the mentality of a police state, and they collaborate with self-appointed police very happily outside the law. I'd do nothing that's connected to the internet with all my passwords.
If your data is encrypted, all the owners of the site would be able to turn over is a bunch of gibberish, which is useless without your own password to the service.
Offline is somewhat more secure, but not as convenient - what if you want to access a service of yours while visiting someone else? It's something I do a lot. And with some online services, like mitto (what I use), you have to also confirm with a text message, so if the other computer has a keylogger, you're still safe.
What's right for you really depends on what you're doing and how you approach computing.
I agree.
One would have to be a raving idiot, to store passwords online
No offence
I guess I'm just not puter literate enough to appreciate lastpass, but I found it just too complicated. Problem is that now lastpass has all my pass words on there servers..was able to locate some in firefox browser password manager..but all were removed from secure login...so, I will have to start over again I guess. Am using firefox v 3.0.10,v 3.5 beta 4,and minefield, as well as k-meleon, and opera..ie is permanently in my cyber doghouse. So, not exactly a newby,but apparently not sophisticated enough to want to use keypass. Too bad, I did want to use it,especially after all the glowing feed back here.
You've converted me from KeyPass Gizmo! just took some getting used to...
techSupportalert fan :)
I'm also trying to switch over from RoboForm to LastPass, because I'm not paranoid enough to NOT trust the encryption! And I want to use the web-centric cloud goodness to not have to even log into a usb based portable browser... though that is not too bad, not really a hassle. My biggest issue: I too am dependent on IE Tab to render my work email (OWA) which needs multiple views daily. Since RoboForm DID IN FACT work with IE Tab, I am hopeful that LastPass can also eventually work with it... It was as easy as clicking the RoboForm taskbar icon, choosing my web mail, and a new IE tab automatically opened, autofilled, and auto-submitted - sweet!
JoeSiegrist says the IE Tab developers need to make it compatible, but this thread says the IE Tab lead developer has quit the project http://forums.mozillazine.org/viewtopic.php?f=48&t=505032&st=0&sk=t&sd=a...
Anybody know anything more? Any developments on the LastPass side of things?
In addition to all versions of Internet Explorer, RoboForm is fully compatible and supports the latest version of FireFox. Please visit this link for the most current version:
http://www.roboform.com/download.html
RoboForm users can choose one of five algorithms for encryption-AES,BlowFish,DES,3DES,and RC6. We have a desktop version that stores all files locally in addition to our USB version.
You forgot to mention that Roboform only works with Firefox on Windows and the desktop version is Windows only. Been using Roboform for years and love it except for the lack of cross-platform support. It keeps me constantly looking for another alternative. And don't suggest Roboform online. I have no desire to store any of my data on your servers. Give me a way to use my server instead of yours and Linux Firefox and I'll quit looking at other solutions.
This is the worst let-down of a software that I have had the misfortune of trying. The software is full of bugs and lacks even basic functionality. Let me give you an example. Suppose you store your password for your outlook login in lastpass. You can't log in directly from a browser, so you have to open the passcard and copy the password and paste it into the outlook login window. But the problem is you have to show the password in plain text for the copy and paste to work. I kid you not. If the password is hidden, it copies over as a bunch of binary characters that outlook will not accept. I don't know how so many people tolerate such a bad implementation of a good concept. There are better online password managers like passpack and clipperz out there if you are interested in the concept. Don't waste your time with lastpass.
I think you overgeneralize a little. LastPass has the features you want from its add-on, which is for Firefox and IE. It automatically goes to sites, autofills, auto logs-in, etc. It's a one-click solution.
If you don't have the add-on, just go to the website, click on "Bookmarklet" and drag and drop the bookmarklet for the session. It will autofill or autologin whatever current page is open. Then you can just copy and paste the URL instead of the passwords and simply hit the bookmarklet. You can also grab bookmarklets to autofill & auto login for IE and Firefox and other browsers too.
Hope this helps,
Rizar
Care to explain how either the add-on or a bookmarklet would allow me to log into outlook 2003 without revealing my password for the whole world to see? It is a fundamental flaw in the software that all the flashiness in the world can not solve. ClipperZ and PassPack have the exact same functionality as lastpass (bookmarklet, auto-login, etc.) for web logins, and they also allow you to copy passwords to stand-alone non-browser windows without revealing it in plain text. Overall, I find the latter two much better thought-out implementations of the concept than lastpass ever will be.
From the forum:
"You can add sites without URLs for local applications, and use Pocket to help you copy and paste into them (though we're developing something more advanced solution for local applications soon)."
From the help menu:
"One final exporting option is to a 'LastPass Encrypted File'. You can then import this data into LastPass Pocket to view your data. This file can be saved locally or saved on a USB Drive with the Pocket executable."
LastPass Pocket: https://lastpass.com/download.php (681.2 KB)
That is precisely what PasswordSafe and KeePass already allow me to do, thank you very much. And they are opensource, so at least I know I can trust their encryption and other security details. I just don't see why people should tolerate an obviously badly-designed product when there are better products out there whichever way you slice it and dice it. Both clipperz and passpack also provide a portable version of their program that you can use with a flash drive.
I would really like to know why you think opensource is trust worthy? How do you know that some greasy, pizza eating, coke slurping nerd, sitting in his mother's basement isn't coding secret backdoors into the program?
Unless you can read and fully comprehend data encryption code, and then compile the programs yourself, you really have no more security than getting the software from a big box company. And if you can do the aforementioned code analysis, then you would simply write the code yourself.
"As a cryptography and computer security expert, I have never understood the current fuss about the open source software movement. In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. It's true for cryptographic algorithms, security protocols, and security source code. For us, open source isn't just a business model; it's smart engineering practice."
Bruce Schneier, Well known security expert
Popular open source gets looked at by a lot of people, some of which are security experts who will examine the code. Flaws will be exposed and fixed. Closed source doesn't have that advantage.
"Instead of using public algorithms, the U.S. digital cellular companies decided to create their own proprietary cryptography. Over the past few years, different algorithms have been made public. (No, the cell phone industry didn't want them made public. What generally happens is that a cryptographer receives a confidential specification in a plain brown wrapper.) And once they have been made public, they have been broken. Now the U.S. cellular industry is considering public algorithms to replace their broken proprietary ones.
On the other hand, the popular e-mail encryption program PGP has always used public algorithms. And none of those algorithms has ever been broken. The same is true for the various Internet cryptographic protocols: SSL, S/MIME, IPSec, SSH, and so on."
Bruce Schneier, Well known security expert
Another example here of a code being pushed out into the public arena:
http://news.bbc.co.uk/2/hi/technology/8429233.stm
Bill Gates started out like this.
Thank you for this information.
it can work in chrome opera and other browsers just use bookmarklets
Still testing LastPass and liking it more and more, but I recently came across a product called PassPack (http://www.passpack.com/en/home/) that seems to do the same things as LastPass and more. They offer a basic free personal account, paid-for upgraded accounts for professionals, freelancers and small businesses, and a commercial-use network server version.
Does anyone have any feedback on PassPack and how it compares to LastPass for the average user?
Much better than lastpass in my opinion. At least, you can copy and paste passwords from passpack into your application login windows without revealing your passwords in plaintext like lastpass forces you to.
Pocket, both the plugins and the bookmarklets (if you have Flash) allow copy and paste without revealing your password.
It's not even in the same league as LastPass
Anon, are you saying it's BETTER or WORSE?
Old news. Have being using Lastpast since last year.
It's what I've been after for a while. Thanks Gizmo for suggesting this. I've found it really easy to use, fast and accurate. Found the multiple logon works OK. Comfortable with the encryption and security around this now though my initial reaction was 'whoa! no way'
"I never though I'd see it happen; a free password manager as good as Roboform and maybe even better."
Gizmo: please read the third word. :)
Ouch! It's now fixed. Thanks.
Gizmo
Even change the ; to :. 8-/
This one is debatable. - G.
Brilliant software, I personally think it's better than roboform! A portable version too and all for free. Amazing
It's one of those bits of software that I really needed but didn't know it!
Spencer
I love LastPass!
But it doesn't work with " windowssecrets.com/signin ". LOL
It works with 'Save All Entered Data' after you've entered it -- there's no password prompt on that page so we try to be less annoying and not ask you to save the site.
Ok. Thank you!
I have Vista Home Premium and IE7 running in protected mode and am having an issue of some sorts since I installed this LastPass program. It appears that when I open multiple tabs that IE will not release memory once they are closed. After opening/closing tabs for a while the memory is so high that I have to kill IE as it is no longer responding. Anyone else having this issue?
LastPass has no known memory issues in IE -- IE doesn't tend to return memory if it doesn't need to -- pretty easy to get a 250M working set size, close everything until your only tab is about:blank and it'll still be at ~250M in the working set size despite nothing running (this is without LastPass installed).
Feel free to send email to support@lastpass.com with more details and we'll try to help (how much memory do you have, how large is your IE getting, does it do something similar without LastPass installed).
Doesn't work with IEtab which is critical for me.
LastPass supports IE View Lite and will likely work around IE tab issue of not starting plugins in the future.
No Opera = bad
I think you should learn the facts before you pass judgement -- we support Opera in the MAXIMUM amount that they allow today using bookmarklets.
Here's a quote from Opera stating why they don't allow extensions:
http://www.opera.com/press/faq/
Opera wrote:Does Opera support extensions?
Opera has incorporated some of the most useful and popular features in the browser itself, and holds itself accountable for the functionality of these features. With integrated features rather than extensions, users are not subjected to the vulnerabilities of extensions created by third parties, which may or may not go through a verification or testing process. In addition to the features that are built into the browser itself, Opera also supports some third party add-ons like plug-ins, skins, panels, custom menus and buttons, user scripts, and so on.
==endquote
If you love Opera you should be holding their feet to the fire as they are proud of their lack of extension support. We've gone out of our way to support their browser, working around Opera's faults with the bookmarklet, our website and m.lastpass.com
Joe
I agree with Joe on this. We would love to make RoboForm compatible with Opera but they seem intent on promoting their own password management feature instead.
I downloaded LastPass and tried it at home...that went okay. But when I tried to use it at work (portable version), their server was down and I was unable to access any of my data until their server was back up. PAIN IN THE NECK! I uninstalled it and will stick to my Roboform Pro and Roboform2Go.
Post new comment