Ramblings of an old Doc

 

Thanks for the ‘heads up!’, Hankers.

 

Because many in the Community have expressed interest in and use LastPass to keep and secure their passwords, this is a quick ‘heads up!’ to everyone.

Martin Brinkmann, a journalist and owner of ghacks.net (an extremely reputable German IT Security News Site) published an article about a self-reported “anomaly” at LastPass.

This is important as it is being treated by LastPass as a possible breach and reported as such.

I very much agree with Mr. Brinkmann that this is responsible behavior, especially when compared to the ‘cover up’ behavior we’ve all seen from other large corporations whose “personal reputation” interests superseded their concern for their customers’ security.

You can read more at Mr. Brinkmann’s site:

http://www.ghacks.net/2011/05/05/lastpass-security-breach/

and at LastPass:

http://blog.lastpass.com/2011/05/lastpass-security-notification.html

================================================================================================

 Update:

Lifehacker has a nice article about "non-Cloud" alternatives to LastPass:

http://lifehacker.com/5799036/the-best-password-utilities-that-dont-store-your-data-in-the-cloud

 


Comments (Page 2)
on May 06, 2011

Haven't used LastPass since FF 3.6.12. There was the todo with add-ons screwing up FF at the time. Tried it on FF4 and the add-on still screws with it.

on May 06, 2011

Just a quick question: are my passwords safer stored on my computer, with KeePass or other alternatives, than they are in the cloud with LastPass? Having read several articles on the LastPass problem, it would seem that LastPass has been very responsible in its actions on what is a relatively small problem compared to the hacking problems some have faced in recent months & their expertise in security would be far superior to mine on my PC.

 

on May 06, 2011

PoSmedley
Quoting DrJBHL, reply 13
For anyone else, I'd say probably.

Not for you, Smedley.

You're just jealous cause no one WANTS to steal YOUR identity.  I, on the other hand, am just that fucking awesome.

Sounds like a lotta Bunk to me.

 

Nice article in Lifehacker about "non Cloud" alternatives to LastPass:

http://lifehacker.com/5799036/the-best-password-utilities-that-dont-store-your-data-in-the-cloud

 

on May 06, 2011

Well, with KeePass, you can choose to use a Master Password, or a key file, resident only in your head or on your hard disk, or both, to provide the permission for the unlocking.  To get the passwords from an existing LastPass account you know the username and password to, see http://www.computersolving.com/windows-pc/export-lastpass-passwords-to-keepass-stickypassword/.  You can integrate KeePass Password Safe 2 into Firefox or Pale Moon 4 by installing KeePassHttp (by putting the file with that name and .plgx extension into the KeePass directory) and installing PassIFox into Firefox/Pale Moon 4, going to the Tools -> Add-ons page and setting up the default file for KeePassFox (by giving it a name).  Then you right click in the username field in a web-site, click "Fill User & Pass" and give the similarly named website address permission to enter the details for that website from your KeePass program open on your local computer.

I think the only way your information could be compromised on the local computer is if it has been infected by a trojan and keylogger so it could capture your Master Password.  But if you have a key file and Master Password this might not be possible.

What do others think?  Letting LastPass store your data blob (and even now, it doesn't look like much was lost, and they don't store username and password in unhashed form on their systems), or using KeePass and plugins with a Master Password and/or key file combination and the Firefox 4 plugin (which also works in Pale Moon 4)?

Best regards,
Steven.

on May 06, 2011

StevenAus, I don't think there's a perfect solution... You pointed up the shortcomings of both quite well. I changed my LastPass account Master, but that's only good until the next time.

on May 06, 2011

windoe
I store my passwords in MY memory, it's harder to hack

If only it were that simple.  Unfortunately I have literally dozens (soon to be hundreds) of passwords and cannot remember which is which.  My rememberer is getting weaker as I age.

DrJBHL
StevenAus, I don't think there's a perfect solution... You pointed up the shortcomings of both quite well. I changed my LastPass account Master, but that's only good until the next time.

The catch-22 of the information age is that as they try stronger protections of systems, it becomes harder for the user to "remember" passwords, so they seek alternatives.  And of course as StevenAus and you point out, none are  perfect.

on May 06, 2011

Dr Guy
Quoting windoe, reply 11
I store my passwords in MY memory, it's harder to hack
If only it were that simple.  Unfortunately I have literally dozens (soon to be hundreds) of passwords and cannot remember which is which.  My rememberer is getting weaker as I age.

I suffer from an illness that affects my memory & old age, can't remember what I did 2 minutes ago on a bad day, so I have to rely on a password manager, even on sites I visit every day, but I do not use them for my bank details etc. But then, the only way to be really safe is not to use the computer, then what would I do all day! 

 

 

 

on May 06, 2011

Why hasn't one of the scripting wizards HERE come up with a DXWidget/Object to store passwords?

on May 10, 2011

CountryYokel
But then, the only way to be really safe is not to use the computer,

"A strange game. The only winning move is not to play."

Joshua - War Games

on May 10, 2011

PoSmedley
Why hasn't one of the scripting wizards HERE come up with a DXWidget/Object to store passwords?

Or at SD. I think you should approach them with your idea. You could do the graphics for it....
