|User since||July 28, 2009|
|Number of add-ons developed||0 add-ons|
|Average rating of developer's add-ons||Not yet rated|
Third party service/privacy certification and insurance required! Rated 2 out of 5 stars
This type of add-on (Password Manager) is a necessity in today's world. I found the product to work well. However, I cannot recommend or rate well this add-on due to potential security concerns -- see below.
Essentially the idea is good but, given the type of service offered, insufficiently ironed out.
I'd be willing to pay for this service and I find the $12/year very reasonable.
1. The Privacy Statement mentions that the software will not send unencrypted information to Lastpass servers. In my opinion, in order to be seriously considered as a password management service provider, the developer needs to: (i) explicitly mention what personal customer information is available to Lastpass, its contractor, and/or potential hijackers of their servers; (ii) verify their statement through at least one reputable software audit firm; (iii) do (i) and (ii) for each version provided to customers.
2. The Terms of Service is the typical "run-of-the-mill" lawyer talk essentially protecting LastPass. Nothing or very little to protect the potential users of the service from LastPass and/or their contractors (rogue employee) or the effects of potential hijack of the service. Given the type of service provided, the Terms of Service should be very explicit to: (i) what information is Lastpass storing and in what format/standard; (ii) what is the service essentially provided by Lastpass (e.g.: "Lastpass will only store your passwords in an encrypted format to which only you have the key. The perfomance of this service and the information available to Lastpass or its contractors are verified by YYY and traceable to ZZZ, etc."; (iii) Lastpass provides IDtheft insurance up to $$$$.; (iv) once a user abandons the service, the removal of their information is certifiable by third parties.