back to article LastPass releases Open Source command line client

LastPass has published an open source command line application to provide terminal-loving devs with alternative access to their passwords and login data. The outfit says the app improves user security, with a growing list of commands that lets users edit their LastPass data. It also supports functions such as regular automated …

  1. Havin_it
    Meh

    Meh

    Open up the server code so we don't have to park our data at your place, then we'll talk.

    1. Destroy All Monsters Silver badge
      Thumb Down

      Re: Meh

      Yeah well that's not how it works.

      The only question of interest is whether the lastpass vault has been correctly encrypted before being pushed to lastpass servers

      It could then reside on NSA disks, no-one would need to care.

  2. an it guy

    so,the millions of scripts that die and fall over when lastpass servers conk out

    and you've just changed the password for all those scripts to pick up...

    this could be fun

  3. Anonymous Coward
    Anonymous Coward

    "The outfit says the app improves user security,"

    Hollow laughter. Improves security...they actually said that?

  4. Anonymous Coward
    Anonymous Coward

    A bigger attack surface

    As a long time user of Lastpass I had a sinking feeling when I read this.

    Surely this opens up a huge attack surface. What if I don't want to enable command line access to my vault?

    1. Destroy All Monsters Silver badge
      Facepalm

      Re: A bigger attack surface

      Then just don't hand out the password, idiot.

  5. Jin

    Caveats for ID federations

    ID federations (single-sign-on services and password managers) create a single point of failure, not unlike putting all the eggs in a basket. It remembers all my passwords when un-hacked and loses all my passwords to criminals when hacked. It should be operated in a decentralized formation or should be considered mainly for low-security accounts, not for high-security business which should desirably be protected by all different strong passwords unique to each account. Needless to say, the strength of the master-password is crucially important.

    Incidentally, at the root of the password headache is the cognitive phenomena called “interference of memory”, by which we cannot firmly remember more than 5 text passwords on average. What worries us is not the password, but the textual password. The textual memory is only a small part of what we remember. We could think of making use of the larger part of our memory that is less subject to interference of memory. More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, as well as conventional texts.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like