I'll keep saying it: third-party passwords are worse than most any other solution, and will continue to be so without liability/indemnification.
The fact that they appear to work now doesn't take into account the "Black Swan"-ish nature of a big hack. The huge disaster (of getting everybody, as opposed to one person) is potentially ALWAYS around the corner.
It's not three people keeping a secret though. Lastpass uses encrypted blobs so unless someone also crack 256-bit AES it's really not that big of a deal. Perhaps locally stored secrets dbs are better, but generally using LastPass-esque services is much better than trying to memorize a bunch of passwords.
6 comments
[ 3.7 ms ] story [ 12.3 ms ] threadThe fact that they appear to work now doesn't take into account the "Black Swan"-ish nature of a big hack. The huge disaster (of getting everybody, as opposed to one person) is potentially ALWAYS around the corner.
What's that about three people keeping a secret?