Recommended Posts

Hey, so I've started using LastPass and I'm in the process of updating passwords to randomly generated ones.

This is fine when I'm using my own computer, as the plugin is installed so all I need to remember is my master password.

But what's the solution if I'm using a different computer and can't install the plugin? (e.g. public computer, friend's computer etc)

Link to comment
https://www.neowin.net/forum/topic/985678-using-lastpass-without-plugin/
Share on other sites

just access the lastpass website and you can access all your passwords.

you could also store passwords on thumbdrive, etc.

http://helpdesk.lastpass.com/lastpass-portable/

https://lastpass.com/support_faqs.php

AES utilizing 256-bit keys.AES-256 is accepted by the US Government for protecting TOP SECRET data. AES is implemented in JavaScript for the LastPass.com website, and in C++ for speed in the Internet Explorer and Firefox plug-ins. This is important because your sensitive data is always encrypted and decrypted locally on your computer before being synchronized. Your master password never leaves your computer and your key never leaves your computer. No one at LastPass (or anywhere else) can decrypt your data without you giving up your password (we will never ask you for it). Your key is created by taking a SHA-256 hash of your password. When you login, we make a hash of your username concatenated with your password, and that hash is what's sent to verify if you can download your encrypted data.

Your LastPass Master password and encryption key generated from it never leaves your computer - so you are the only person who can decrypt your data

passwords are never "displayed" in clear text. Unless you go into the interface and say show.

You can copy the usernames and passwords from the website from a public computer, or you could use a complete portable solution with say firefox on a usb and lastpass on the usb as well.

  On 28/03/2011 at 16:40, xWhiplash said:

So when you log in to it on a public computer without the plugin, are the passwords displayed in plain text? How does it work on public machines?

Yeah you're able to copy + paste without revealing the passwords themselves, though you can 'show' if you want (which is a little too easy to click for my liking, but it's ok)

  On 27/03/2011 at 17:30, Bhav said:

Hey, so I've started using LastPass and I'm in the process of updating passwords to randomly generated ones.

This is fine when I'm using my own computer, as the plugin is installed so all I need to remember is my master password.

But what's the solution if I'm using a different computer and can't install the plugin? (e.g. public computer, friend's computer etc)

Ohhh interesting, didn't know it did this.

I'll have to go have a look at it, I assume there is a firefox extension? Yes I know pretty lame thing to ask when it takes a minute to look up, but I'm heading out in 5.

  On 28/03/2011 at 17:20, Audioboxer said:

Ohhh interesting, didn't know it did this.

I'll have to go have a look at it, I assume there is a firefox extension? Yes I know pretty lame thing to ask when it takes a minute to look up, but I'm heading out in 5.

Yeah if you just download the exe off the website, you can install plugins for Firefox, IE and Chrome in one go.

And the plugin itself has the random generator, with which you can specify number of characters, upper/lower case, numbers etc.

It usually detects that you're changing passwords too, so a little bar drops down offering to fill your current password and generate a new one. Pretty clever really.

There are lots of LastPass guides/tips you might want to google for, as they give a good idea of all its nifty features.

Hmm...maybe I'm wrong, looks like copy + pasting without revealing doesn't work, it just pastes the masked dots.

So yeah this seems like a bit of a weakness.

On the one hand, you can log into your lastpass account anywhere, create a bookmarklet and that will let you log into wherever you need.

On the other hand, if you log into your lastpass account, you can easily reveal your password by clicking "show"...which obviously shouldn't really be so simple.

I guess that's why the master password needs to be extremely strong.

(The bookmarklet also works on Android)

Edit: Oh! When you log into the lastpass website, you can just double click on the site you want to log into. So no need to go anywhere near revealing the password. You just double click, it takes you to the site and tries to log in.

http://forums.lastpass.com/viewtopic.php?f=12&t=114&start=0

  On 28/03/2011 at 17:57, Bhav said:

Hmm...maybe I'm wrong, looks like copy + pasting without revealing doesn't work, it just pastes the masked dots.

So yeah this seems like a bit of a weakness.

On the one hand, you can log into your lastpass account anywhere, create a bookmarklet and that will let you log into wherever you need.

On the other hand, if you log into your lastpass account, you can easily reveal your password by clicking "show"...which obviously shouldn't really be so simple.

I guess that's why the master password needs to be extremely strong.

(The bookmarklet also works on Android)

Edit: Oh! When you log into the lastpass website, you can just double click on the site you want to log into. So no need to go anywhere near revealing the password. You just double click, it takes you to the site and tries to log in.

http://forums.lastpass.com/viewtopic.php?f=12&t=114&start=0

Awesome! I'm just back and was doing a bit of reading and it's good to see it'll be easy to use sites on other people's computers. I was a bit apprehensive to use generated passwords as there is NO chance I'm remembering them :laugh:

  On 28/03/2011 at 18:05, Audioboxer said:

Awesome! I'm just back and was going a bit of reading and it's good to see it'll be easy to use sites on other people's computers. I was a bit apprehensive to use generated passwords as there is NO chance I'm remembering them :laugh:

Yeah precisely, that was my apprehension too. But actually my using of firefox has changed very little because everything is just saved in a very similar way to the built-in password manager. The make-or-break will be whether or not it works smoothly when I'm using a different computer...which I'll test properly later.

  On 27/03/2011 at 17:33, BudMan said:

just access the lastpass website and you can access all your passwords.

you could also store passwords on thumbdrive, etc.

http://helpdesk.lastpass.com/lastpass-portable/

Have been using lastpass for a while now but never knew about this thanks :D

Ah damit.

So just went onto my brother's computer, which doesn't have the plugin installed.

Logged into lastpass.com, tried double clicking on a site in my list of logins, and it just opens up that entry and offers to show the password.

I guess that'll get the job done, but it's not ideal. So the most appropriate solution will be to use a bookmarklet (or the portable usb thing, which is too much hassle imo)

  On 28/03/2011 at 18:08, Bhav said:

Yeah precisely, that was my apprehension too. But actually my using of firefox has changed very little because everything is just saved in a very similar way to the built-in password manager. The make-or-break will be whether or not it works smoothly when I'm using a different computer...which I'll test properly later.

When you're on another computer without lastpass and you login to your vault, double clicking or clicking visit URL does NOT automatically enter the password. You have to manually copy it which means clicking show.

edit: Just noticed your post above :p

  On 28/03/2011 at 18:47, Bhav said:

Yeah, think I might post on the official forums, see if they have a solution (or at the very least, highlight that it's something they should look into).

Bookmarklets does the trick, the only thing is if you leave it as a bookmark on someones PC can they not just have a field trip with your passwords? Guess you just have to remember to log out of lastpass.com.

  On 28/03/2011 at 18:51, Audioboxer said:

Bookmarklets does the trick, the only thing is if you leave it as a bookmark on someones PC can they not just have a field trip with your passwords? Guess you just have to remember to log out of lastpass.com.

Yeah you need to log out. Again, not ideal.

It really would be the best solution if you could just double click!

Anyway, will see what they say over there.

http://forums.lastpass.com/viewtopic.php?f=12&t=65639

  On 28/03/2011 at 18:56, Bhav said:

Yeah you need to log out. Again, not ideal.

It really would be the best solution if you could just double click!

Anyway, will see what they say over there.

http://forums.lastpass.com/viewtopic.php?f=12&t=65639

Look forward to seeing if there's any other solutions. I don't think they'll be able to get it working from double clicking - I think that only works for us as the plugin is installed. Don't think there will be a way to inject your username/password on a vanilla setup, hence why they have the bookmarklet option.

Hmm yeah you're probably right there...I'm guessing it's the whole local encryption/plugin combo.

Gah, well I guess the bookmarklet is workable in most situations I'm likely to come across...and perhaps a relatively small price to pay for security.

While I was reading up on this, it kinda dawned on me how poor my password set up was. I mean, if one crappy website/forum I'd signed up to revealed my email address and password, anyone would have access to my amazon, play.com, paypal etc. Would be a *slight* disaster :unsure:

  On 28/03/2011 at 19:03, Bhav said:

Hmm yeah you're probably right there...I'm guessing it's the whole local encryption/plugin combo.

Gah, well I guess the bookmarklet is workable in most situations I'm likely to come across...and perhaps a relatively small price to pay for security.

While I was reading up on this, it kinda dawned on me how poor my password set up was. I mean, if one crappy website/forum I'd signed up to revealed my email address and password, anyone would have access to my amazon, play.com, paypal etc. Would be a *slight* disaster :unsure:

Same I used the same password for nearly everything, with a little bit of variation on some sites.

I guess the scare with lastpass though is if anyone gets THAT password you're royally ****ed :p

you can always recover the password, and since you would be using the password prob daily, if not multiple times a day - if you forget it you clearly are severely mentally challenged ;) And prob wouldn't know the difference between a computer and a etch-a-sketch anyway ;)

http://helpdesk.lastpass.com/account-recovery/

  On 28/03/2011 at 19:49, BudMan said:

you can always recover the password, and since you would be using the password prob daily, if not multiple times a day - if you forget it you clearly are severely mentally challenged ;) And prob wouldn't know the difference between a computer and a etch-a-sketch anyway ;)

http://helpdesk.lastpass.com/account-recovery/

Me? I wasn't talking about forgetting my password, I meant if someone found it out :p

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • I thought I could download the ringtone.
    • Foxconn to make iPhone casings in India as Apple shifts more production from China by Sagar Naresh Bhavsar It was recently reported that Donald Trump was unhappy with Tim Cook and threatened Apple with a 25% tariff if iPhones weren't produced in America. While the exact reason is unclear, some speculated that Trump's anger had to do with Cook skipping the Middle East trip with him, which was attended by other major company CEOs. Many believed that Apple came under the radar because of its plans for a $1.5 billion iPhone production plant in India. True or not, Apple is facing a tough situation as Trump has already imposed hefty tariffs on China, where the majority of iPhones are made. In a move to reduce dependence on China, Apple planned to shift its production from China to India, where tariffs are relatively lower. In line with this, a fresh report by The Economic Times suggests that Apple's iPhone assembler, Foxconn, has decided to start producing iPhone casings in India. Sources claim that a new unit is being planned at the ESR Industrial Park in Oragadam, Tamil Nadu. The area is close to the upcoming display module manufacturing plant. Until now, Tata Electronics was the one producing iPhone casings in India. However, Foxconn, which was assembling iPhones in the country at its plant in Sriperumbudur, will start making iPhone casings as well. This move suggests that Foxconn is helping Apple move more production out of China to India. Prabhu Ram, vice president, industry research group, CyberMedia Research, said, Foxconn has already ramped up its India push. The company recently started production of Apple AirPods in Hyderabad for exports and is also setting up an iPhone production plant in Bengaluru. Casings only make up about 2-3% of the total iPhone cost, making them locally helps Apple reduce costs, and also helps avoid hefty tariffs.
    • I loved the initial compact Start Menu present in Windows 10. It was tiny, awesome and super fast without any Store apps clutter.
    • BBC threatens Perplexity with legal action over content scraping by Paul Hill Image via Depositphotos.com The UK’s public broadcaster, BBC, has written a letter to Perplexity, the AI search startup, asking it to stop scraping articles from its websites, delete existing copies of content, and propose some sort of financial compensation if it would like to carry on scraping data. If the demands are not met, BBC may seek an injunction against the startup citing alleged misuse of its intellectual property. BBC is probably responding in this way because it has seen other news organizations cement deals with firms like OpenAI and Mistral. The income stream allows news organizations to raise more funds and also cover the costs of the extra load on their servers caused by AI scraping. For anybody not familiar with Perplexity, it’s a bit like ChatGPT but has a much stronger emphasis on searching the web to find information. You can ask it anything you want to know about and it very quickly searches online and constructs a specific response to your question based on what it has found. The company offers many of its features for free, but does have Perplexity Pro, which costs money. Essentially, Perplexity is making money from publishers by using their content to improve its own product, but not paying them all. Perplexity's defense and existing publisher programs In a statement to the Financial Times, Perplexity labeled the BBC’s claims as "manipulative and opportunistic". The startup accused the broadcaster of having “a fundamental misunderstanding of technology, the internet and intellectual property law.” This is not the first time Perplexity has had a run-in with the media. Forbes and Wired accused it of plagiarizing content from their websites and The New York Times sent the company a cease and desist notice to stop using its content for AI purposes. To assuage publishers, Perplexity has set up a revenue sharing program, which includes TIME, Fortune, Der Spiegel, and others. According to Digiday, the revenue share was up to 25%. It’s not clear if BBC has tried engaging through this avenue or if it wants to try to squeeze the startup for a bigger slice. The escalating battle over AI and intellectual property Even if you only keep up with AI developments in passing, you’ll likely have seen that AI models need to be trained on vast amounts of data, much of which is copyrighted. There is an ongoing debate about whether these companies should be allowed to train on this data, or first seek out permission from the copyright holders. The move from the BBC could spur other publishers on to try and get themselves a better deal from Perplexity. Alternatively, Perplexity could remove BBC content from its platform and stop pulling information from there. It could probably find most of the information elsewhere, but if Perplexity tried to pull this too much it would eventually end up pretty useless with not a lot of content. Overall, this is just one of many ongoing legal issues surrounding AI, but once a conclusion has been reached, it could set a precedent about how AI companies should go about getting content from publishers. Source: FT via Reuters
    • No, it's in fact not always there. You have to enable the FPS overlay first, either in Steam general settings or in the.... Steam Overlay... which is Shift+Tab. And what is that? A keyboard shortcut
  • Recent Achievements

    • One Month Later
      KynanSEIT earned a badge
      One Month Later
    • One Month Later
      gowtham07 earned a badge
      One Month Later
    • Collaborator
      lethalman went up a rank
      Collaborator
    • Week One Done
      Wayne Robinson earned a badge
      Week One Done
    • One Month Later
      Karan Khanna earned a badge
      One Month Later
  • Popular Contributors

    1. 1
      +primortal
      678
    2. 2
      ATLien_0
      274
    3. 3
      Michael Scrip
      220
    4. 4
      +FloatingFatMan
      171
    5. 5
      Steven P.
      160
  • Tell a friend

    Love Neowin? Tell a friend!