Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

NO! It's all done locally via JavaScript -- we never want to get your master password / encryption key -- we go through great pains to ensure that never happens.


But there's like, no way for a customer to verify that. It's good practise, but a customer should not rely on that as part of their security model.


It's a lastpass.com site and you are already implicitly trusting them by using LastPass. How does this make it less secure?




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: