Not Completely Safe Rated 2 out of 5 stars
No amount of overkill security known to man is completely flawless. Even MD5 hashes are crackable. I find it unacceptable that my data is being stored on a third parties system when it makes more since and is more secure to store that data locally.
Some of you may be willing to give over your credit card and banking passwords to someone else but I am not. Your passwords he claims are not accessible by him but if he is using a sql server then the data is not as secure as it may seem to be.
Admittedly I do not know his method of storing the data but it has to be some type of database and that part scares me. Why on earth does lastpass insist on transmitting your passwords to HIS server? that makes no sense whatsoever.
I have deleted the program, the addon and changed ALL of my passwords.
You might want to understand how it works before passing judgement
LastPass is a 'host proof' solution, where we at LastPass can not access your sensitive data because it's encrypted on your computer using your Master Password.
That means that it doesn't matter if it's stored in a SQL database -- it's encrypted. It's useless to us.
Not having access to any of your sensitive data is a key tenant of our solution, it's included in our privacy statement.
If you're interested in learning how it works there's plenty of information on our website like:
What encryption is being used?