14 comments

[ 2.2 ms ] story [ 50.1 ms ] thread
I received an email with the following text this morning. Can someone decode what this means?

A new era for LastPass

We’re very excited to announce our intent to establish LastPass as an independent company.

We couldn’t be happier and we hope you will be, too. As the leading password manager for individuals and businesses, this change allows us to strategically increase investment and support in LastPass to be able to solve your password problems faster and in even more innovative ways.

You will start to see an enhanced LastPass, on an accelerated timeline. We are working on faster, seamless save and fill, a delightful mobile experience, and even more third-party integrations for businesses, among many other updates. We are expanding our support channels so we can answer your questions faster, right when you need them, and you’ll be welcomed by a new look and feel on our website. We are investing directly in areas that customers like you have told us are most important.

Don’t worry – there are no changes to your account or data in your vault. This is the same great product, now with even more focus on keeping your data safe. You can learn more about this news on our blog.

For those of you who have been with us all along, we thank you for your continued support and passion for LastPass. For those of you who are newer, thanks for being here and we can’t wait to show you what’s next.

I assume this means they will no longer be under the LogMeIn umbrella, though I'm not sure what exactly that will mean for the company short or long-term.
The support for "third party integrations" seems like the exact opposite of anything I'd ever want in a password management app.
I also just received this email, and also have no idea what it means
What this means is the private equity firm that owns Logmein is preparing to sell LastPass to recoup part of its investment when it bought them out.

It is typical of PE firms to buy and resell into pieces.

LastPass New independent company will for now still be owned by the same PE firm but become independent and will get a new CEO eventually.

Literally the week I switched to BitWarden (per the advice of HN'ers) because LastPass seemed to have stopped caring. Either way BitWarden is near perfect and FOSS, so no reason to go back.
I left LastPass after they nuked the free option, went to 1password since my employer had a corporate deal, but when I left (my former employer) 1password simply cut my access to it with no option to switch to a personal account and no way of getting my vault back. Got very angry and searched HN for suggestions and also found BitWarden. Pretty good interface, fair deal and prices (with the free option as well). So I'm here to stay now, at least until someone buys it and turns it into another LastPass....
The good news is that it's open source, so if they sell out it's always an option for someone to fork it.
So it sounds like LastPass will get better customer service and faster updates, but the actual day-to-day usage will remain more or less unchanged. And of course, there's no mention of the price dropping to where it was before LogMeIn took over, so users who were hoping to save some money are going to be disappointed.
How do we handle when less technical folk get their common passwords tabled but can't "figure out" modern password managers? The major thing being 2auth. But phones are not trustworthy, they break. Yubikeys are easily lost and expensive. I can't go to my grandma, hand them that setup, and have them use it. Plus the cost of LastPass and 1password are far too high. I prefer bitwarden for it's yearly cost.
I left for bitwarden like many when they joined logmein. Love my current experience with it, I host it myself with linuxserver.io's docker container but also subscribe just to keep them funded. Product works great, and very easy to import your LastPass export if you are hesitant to switch everything.
I've been using LastPass for several years now as a paying customer and I really like it. However, I wish they would focus on their usability a bit more. The UI is a little more complicated than it needs to be and some common actions take a few too many clicks, in my opinion.

I'm hoping it spinning out into its own company again can help it move a bit faster and update their UI.

My workplace uses LastPass as the "blessed" password manager that's recommended by the security team.

It's a nightmare. I've given up on it entirely and would never trust it again, after encountering this flow several times a month:

1. Log in to LastPass

2. Respond to 2-factor auth prompt

3. LastPass says "you need to change your password"

4. Type in a new password

5. LastPass says "okay, password changed, log in again"

6. Log in to LastPass again, with new password.

7. LastPass says "incorrect username or password."

8. Log in to LastPass again with old password.

9. Respond to 2-factor auth prompt again

10. LastPass says "you need to change your password"

11. Type in the same new password again

12. LastPass says "you cannot reuse the same password"

13. Type in a different new password

14. LastPass says "okay, password changed, log in again"

15. Log in to LastPass again, with new new password.

16. LastPass says "incorrect username or password."

17. Log into LastPass with old password.

18. LastPass says "incorrect username or password."

19. Log in to LastPass with old new password

20. Respond to 2-factor auth prompt.

21. Repeat this loop from step 10 an unspecified number of times, only each time LastPass picks a random one of the possible passwords in play to be the "current" password.

22. Eventually, after an unspecified number of loops, LastPass no longer asks me to change my password again. I now have to keep track of which of the N possible new passwords is the one it kept.

I just use a KeePass vault at this point -- it's free, and it actually works, both of which are more than I can say for LastPass.