LastPass Bought By LogMeIn For $110 Million

Megalith

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,000
LastPass has been sold, and there is apparent outrage. Can any LastPass users chime in on why LogMeIn is so hated?

LogMeIn says in the near-term, both the Meldium and LastPass product lines will continue to be supported and operated as standalone products, but in the long term it looks like the goal is to offer a singular identity management offering based on the LastPass service and brand.
 
Based on what I'm reading, LogMeIn makes mediocre products at insane prices, and will probably end up jacking up the price of LastPass. Looks like it's time to search for a new password manager and move all my passwords over.
 
I was a LastPass user up until yesterday, switched to 1Password. I do not trust any company (especially LogMeIn) who have shareholder to treat LastPass as its previous owners did...
 
What they did to the "grandfathered" users of the free logmein accounts was dirty. First they crippled the free accounts severely and then they reneged on grandfathering the free accounts altogether. when I sent the service rep a copy of the email saying my account would be renewed yearly for free, I was told tough luck, they would not renew it again.

I closed my account and never looked back.
 
My first thought was the absolute bad idea of adding extraneous crap to a security product, especially when the extraneous crap was LogMeIn. Next thought was thinking of the history of LogMeIn and the changes from a ground-breaking product to a cash grab. Cancelled my LastPass Premium within 30 minutes of hearing the news.
I'm trying Dashlane now on Windows and Android. It looks lick, but is taking some getting used to. I'll be trying 1Password as well.
 
RocketTech said:
My first thought was the absolute bad idea of adding extraneous crap to a security product, especially when the extraneous crap was LogMeIn. Next thought was thinking of the history of LogMeIn and the changes from a ground-breaking product to a cash grab. Cancelled my LastPass Premium within 30 minutes of hearing the news.
I'm trying Dashlane now on Windows and Android. It looks lick, but is taking some getting used to. I'll be trying 1Password as well.
Click to expand...

I toyed with Dashlane and it does have a slick interface, I didn't think it was different enough to make me want to choose it over Lastpass so I stayed with LP.

Now that this has occurred, I likely won't reup on my premium with LP.
 
westrock2000 said:
Your passwords.......bought and sold....legally.

Good luck with that guys.
Click to expand...

Good thing for you, they come in many different styles now...

nCoDqcI.jpg
 
My lastpass is a paid account, for life, as I recall. Really hope logmein doesn't screw with a great thing.
 
PsyKo[H];1041903793 said:
What they did to the "grandfathered" users of the free logmein accounts was dirty. First they crippled the free accounts severely and then they reneged on grandfathering the free accounts altogether. when I sent the service rep a copy of the email saying my account would be renewed yearly for free, I was told tough luck, they would not renew it again.

I closed my account and never looked back.
Click to expand...

Was this LogMeIn Remote Control or LogMeIn Hamachi? I help users setup LogMeIn Hamachi for free often.
 
d8lock said:
My lastpass is a paid account, for life, as I recall. Really hope logmein doesn't screw with a great thing.
Click to expand...
I hope so for you, but something tells me that any "for life" agreements may not carry over to the new owners.

My advice for people looking towards alternatives is to consider KeePass 2.3, along with KeeFox for FF users, and Keepass2Android for Android phones. There are some iOS options but they are weaker, I believe. Windows/FireFox/Android combination works wonderfully, and you can use google sync to take care of multi-device password sync.
 
Logmein is outragously expensive. Unfortunately one of the offices I work for is on sat internet, and logmein is one of the only things I've found that works well on an extremely high latency connection. So we are stuck paying for it.
 
Logmein sucked a lot of dick. They had this unresolved bug that went on forever in the past. There were random moments that you couldn't control the remote computer. Logmein became a viewer instead. They coudln't even fix the problem for paying members. Fuck them. Logofshit
 
westrock2000 said:
Your passwords.......bought and sold....legally.

Good luck with that guys.
Click to expand...

Yeah I can't imagine trusting a 3rd party with my passwords. I trust a webapp I threw together on one of my local servers more than I'd trust any company. Companies get bought out, hacked, or just get greedy, and what happens with your data is out of your control.
 
Red Squirrel said:
Yeah I can't imagine trusting a 3rd party with my passwords. I trust a webapp I threw together on one of my local servers more than I'd trust any company. Companies get bought out, hacked, or just get greedy, and what happens with your data is out of your control.
Click to expand...

QFT. I once told a guy in our IT that LastPass is a big security risk. He had no argument other than it's easy to use. Hack one password to rule them all.
 
ChickenLover said:
Sysadmin here. LogMeIn silently increased their prices by 500%. Didn't find out until we saw the reoccurring bill. They lost our business forever.
Click to expand...

This is exactly what happened to us too. Been paying them around $500 a year for logmein central but now they want $7500. Um, no. We will never come back.
 
PsyKo[H];1041903793 said:
What they did to the "grandfathered" users of the free logmein accounts was dirty. First they crippled the free accounts severely and then they reneged on grandfathering the free accounts altogether. when I sent the service rep a copy of the email saying my account would be renewed yearly for free, I was told tough luck, they would not renew it again.

I closed my account and never looked back.
Click to expand...

same, made me look at other options since I became compliant with LMI anyway... they are a terrible company and I will never give them a dime
 
Red Squirrel said:
Yeah I can't imagine trusting a 3rd party with my passwords. I trust a webapp I threw together on one of my local servers more than I'd trust any company. Companies get bought out, hacked, or just get greedy, and what happens with your data is out of your control.
Click to expand...

Your passwords are encrypted on the local device before going to the provider. You can actually see it when you hit save, the information is scrambled. They aren't decrypted until they're on the local PC.
 
westrock2000 said:
Your passwords.......bought and sold....legally.

Good luck with that guys.
Click to expand...

Well, an encrypted list of your passwords has been bought and sold.

And before you argue how *easy* it is.

1IB7BV+Eyb7dCxztXyPxkkOwWLWmSO/RNApmCvvYN1I=

Go ahead and decrypt that. It's a 16 character password, letters, numbers and symbols, encrypted in AES 256-bit, with a far simpler key than LastPass uses.
 
Just use keepass. I really don't see the point of an online key vault. I have it on my PC, I have it on a thumb drive and on my phone.

As for logmein, I quit using it when they dropped the free version. If I need a remote log in, I use teamviewer. It's not as good as logmein, but it's good enough for my purposes.
 
For those who want to export from LastPass into KeePass... these are the full steps:

Open LastPass in the browser (Vault), Tools > Export.

It'll show you a CSV dump of your vault contents after you decrypt it. Cut and paste it all into Notepad and save it as (whateverfilename).csv

In KeePass 2.x, open it up, create a new DB, go to File > Import > Generic CSV Importer

Open the CSV file you saved,

And in the Structure tab, use the following:

URL
User name
Password
Notes
Title
Group
(ignore)

And that should put everything in its right place.
 
Well, I'm a big fan of the password management system below. The interface is iffy at best, there's a limit to the complexity it can handle, it can be a real pain to access sometimes, but there's no real worry about hacking or change of ownership.

human-brain-pink-300-lg.jpg
 
nilepez said:
I really don't see the point of an online key vault.
Click to expand...

Because if someone steals all your equipment (and I've had customers who've had this happen to), you can still recover your passwords.

Granted, there are several ways to do that (KeePass in a Dropbox account, etc). But the idea is maximum availability while minimizing risk.
 
Croak said:
Well, I'm a big fan of the password management system below. The interface is iffy at best, there's a limit to the complexity it can handle, it can be a real pain to access sometimes, but there's no real worry about hacking or change of ownership.

human-brain-pink-300-lg.jpg
Click to expand...

Where can I get one of these ;)
 
^^^IT Operations Manager. The cost of LogMeIn over having a human being at a computer, far out weighs it's actual cost. I would love to give a guy a job, but as a manager, just like any other cost center, I'm held accountable to the bottom line. I was able to cut back on one help desk position and we have automated patch management and can push other updates and install software, remotely with ease.

Those who don't use LogMeIn Pro, and just as a tool for remote access, I can see how the cost can hurt a bit. We pay $41/per user, per year, for their premier product and I can tell you, it's an invaluable tool in my box.
 
I had been using KeePass for years - it works well on Windows devices.
However, I recently moved to 1Password. I use Mac OS X and iOS daily, KeePass is not the best option for OS X (and not even sure if they have an iOS version?). KeePass can run on OS X, but it runs on Mono (I think). Works, but feels out of place.

I'm happy with 1Password - they have frequent updates and are still a small company. I use DropBox to share my password repository - you can configure it pretty much however you want to.

Gripes about 1Password - it's a little pricey (compared to free with KeePass :) ) getting started.
 
Chas said:
Well, an encrypted list of your passwords has been bought and sold.

And before you argue how *easy* it is.

1IB7BV+Eyb7dCxztXyPxkkOwWLWmSO/RNApmCvvYN1I=

Go ahead and decrypt that. It's a 16 character password, letters, numbers and symbols, encrypted in AES 256-bit, with a far simpler key than LastPass uses.
Click to expand...

Well in its current form yes this is correct. Not to be a tinfoil hat wearer but I don't think it would be all that difficult to update the client side add-ins to behave a bit differently and store more than the hashed passwords out on their servers.

I don't think they'll do that but I do think they'll F something up. I tend not to trust companies who's primary concern are the shareholders.
 
Flyingcrazy said:
^^^IT Operations Manager. The cost of LogMeIn over having a human being at a computer, far out weighs it's actual cost. I would love to give a guy a job, but as a manager, just like any other cost center, I'm held accountable to the bottom line. I was able to cut back on one help desk position and we have automated patch management and can push other updates and install software, remotely with ease.

Those who don't use LogMeIn Pro, and just as a tool for remote access, I can see how the cost can hurt a bit. We pay $41/per user, per year, for their premier product and I can tell you, it's an invaluable tool in my box.
Click to expand...

In that environment, I'd be curious to see a cost comparison between LogMeIn and MS SCCM.

I think the most vocal majority of users upset with LogMeIn are/were using it in a non-domain environment for a limited number of machines. Ex. help mom/dad/grandma with computer issues.

However, since they adjusted their products and pricing so violently, with so little notice, I'd be hesitant to make business support services dependent on them. By extension, with LastPass, I'd start looking my password manager situation >now< so that I'm not inconvenienced at an unexpected point in the future.
 
ChedWick said:
Well in its current form yes this is correct. Not to be a tinfoil hat wearer but I don't think it would be all that difficult to update the client side add-ins to behave a bit differently and store more than the hashed passwords out on their servers.

I don't think they'll do that but I do think they'll F something up. I tend not to trust companies who's primary concern are the shareholders.
Click to expand...

Yeah, in the current form it's essentially a browser (or mobile) app that does the local stuff and sends it up encrypted. Kinda like storing a KeePass file on Dropbox or what not.

Not too far fetched to see an unethical company slipping in some telemetry or other browser tracking software to also be sent up unencrypted.
 
You must log in or register to reply here.
Back
Top