Wednesday, 9 May 2012

LASTPASS need to explain

This is not directly attached to vacation profiles but is relevant to Google and visitors understanding of your passwords etc.... so please read on (as this is a copy of what was written in Google's Chrome Q&A....

Ok, Having Chrome so sensitive to Password storage is one thing.. but check this issue out!  created an extension for Chrome and Firefox which promotes the storage of all passwords in the 'cloud' so that you can access your passwords from any machine after logging in.  Sounds Good.....
Here's the kicker!
I tried this out seeing as I was transferring my system to a new Windows 7 installation but seeing as I have over 400 different passwords stored in Chrome and Firefox - I was keen to ensure that my previous Windows XP system stayed in tact if the 'moving van' of another piece of software didn't do a fantastic job transferring all of my data and programs etc.
Now LastPass is clever and give you that feeling that they are cutting edge and will look after you.  I loaded the program, I checked that the web login of LastPass showed all of my password data.. then I proceeded to move my applications and data to the new Windows 7.
PANIC...  On the new machine, I open up Chrome (and then Firefox) and the passwords are empty !  TOTALLY EMPTY.
I cant access banking; web hosting; various blogs; web analysis systems; etc you name it.  I have a few 'level' type standard passwords which give me access to some services. But the majority of important logins are gone.
SO - I boot up my old machine thinking it will be an easy case of exporting the passwords from Firefox seeing as Chrome is pathetic at exporting such data -  Oh no.......   LastPass changes the setting of your password storage in browsers and LASTPASS certainly don't warn you of the impending disaster !
YES... LASTPASS changes your storage of passwords to DONT STORE PASSWORDS in browsers... in an effort Im sure to make you think that you are now safer by LastPass looking after your passwords.  But when LastPass shows an empty online storage safe with none of your data in it.  YOU ARE SCREWED.  as they removed your chances of recovery from within the browser itself beforehand.

An old storage backup gave me back 100 of the passwords, because like most - new passwords are added regularly, or updated/changed from old.
GOOGLE should be embarrassed by their lack of natural retrieving/export of passwords for their few million users of Chrome.  However....
GOOGLE should be ASHAMED of promoting/listing an extension which wipes out your saved passwords from Chrome and leaving their customers raped.
A huge foopar.  As a developer I wouldn't consider causing such harm to my applications users!  Shame on Google... Avoid  LASTPASS.
If anybody has a solution to this craziness, I (and many others Im sure) would love to hear it.
Sadly.... Martin.