Submitted by glawgii t3_ztx9k5 in technology
hypnoticlife t1_j1i6ptn wrote
Reply to comment by wren337 in The Lastpass hack was worse than the company first reported by glawgii
Both of the other replies here make me think that the master password isn’t the key. That it merely unlocks the key. This gives the ability to have a password reset and trivial support/law enforcement access. The only evidence is the ability for password resets. That’s a huge red flag.
wren337 t1_j1ke1j2 wrote
Agree that's how you do multiple passwords. There is a random encryption key for the actual data, and then multiple copies of that key are encrypted with your password and one or more of their passwords. So the question is, did their passwords get lost? If support can recover your vault, everything they've said is a lie.
Viewing a single comment thread. View all comments