LastPass is a password manager program that enables you to create unique, random passwords for every site that you visit. It also has many other features that make it an attractive choice in the growing password manager marketplace.
But the news this week that LastPass was purchased by LogMeIn caused quite a stir on social networks, and equally lively commentary from security professionals.
Well known security expert, Troy Hunt, has kindly created a full set of step-by-step instructions for those wishing to migrate from LastPass to 1Password.
But I feel that the question that needs to be addressed is - should we jump the LastPass ship, or hold?
The entire controversy seems to be one of trust, and the problem is that the trust level of LogMeIn has been tarnished to the point that anything associated with it is considered equally untrustworthy.
However, in defense of LastPass, perhaps we are being too quick to judge.
On the Security Now show, Steve Gibson and Leo LaPorte interviewed Joe Siegrist, the founder and CEO of LastPass.
Gibson has been a long-time supporter of LastPass, and has spent considerable time explaining why LastPass is his preferred password manager.
Siegrist explained that the LastPass team will remain unchanged and that he will remain at the helm. He stated that the only thing that will change with LastPass is the amount of resources available to further develop and improve the product.
Of course, any jaded victim of corporate mergers will listen to Joe Siegrist’s words with heightened suspicion. Will LastPass be able to maintain its integrity while operating in the orbit of LogMeIn? Is he just parroting “corporate speak” while he waits to cash in on his creation?
I am reminded of a quote attributed to Benjamin Franklin:
“It takes many good deeds to build a good reputation, and only one bad one to lose it.”
In the history of LastPass, they have been open and honest, even during security incidents that would have other corporations scrambling for cover. Their good deeds have earned them a solid reputation.
I am holding on to the confidence the acquisition of LastPass by LogMeIn could serve to improve the LogMeIn operation. This could be one of those instances where the child can teach the parent how to be a better person.