Lastpass and Dashlane ?s

[Katsmeow]

I have read various threads here on Password Managers and have a couple of questions on Lastpass and Dashlane.

For years I've used Roboform, but it has lagged behind on features and I want to change. I just did a trial of Lastpass Premium and have a question. I haven't tried Dashlane yet but I notice that reviews consistently seem to put Lastpass and Dashlane at the top. Many of them slightly favor Dashlane except that its premium version is $39.99 a year v. $12 for Lastpass. I would, of course, prefer to pay $12 rather than $39.99 but if I can't solve a problem I am having with Lastpass I may scratch it off my list.

My goals are to have a password manager that I can use on my desktop, phone and iPad and where I can share passwords with DH.

1. Lastpass Question -- The huge annoyance I have had with Lastpass over the last few weeks it that it repeatedly tries to save a new login in for websites where I only have one login and it has already been saved. For these websites, it tries to save a new login every time I go there. This is super annoying.

A few times I tried letting it save a new login hoping that would solve the problem. It didn't. And, then I would get nagging about having insecure passwords since I had two logins with the same password (of course, both logins are entirely identical since the second one is an unneeded duplicate).

With Roboform, I occasionally had this problem but Roboform gave me the option to have it quit asking to add a login for the site. I can't find that for Lastpass.

This may seem like a small problem but there are 3 or 4 places that I go to often where I get this. I get asked to save a login 2 or 3 times a day at a place I already have a login. And, I get asked every time I go to that site so it is neverending.

Some of the Lastpass reviews I read talked about this problem and listed it as a con for Lastpass. So, it isn't just me. The reviews didn't give a solution though. Maybe there is none. Does anyone have a solution for this?

2. Anyone using Dashlane? Any annoyances with it? I am going to start a free trial on it but would appreciate any feedback. I would prefer to not have to pay $39.99 a year (times two), but would do it if I can't solve the Lastpass problem if Dashlane doesn't have problems of its own.

 

[Rustic23]

I have used Lastpass for the past four or five years. I have never had this problem. It is also free, and I could put up with this for free. My guess is figure out why Lastpass is doing this.

Edit: Try this: https://helpdesk.lastpass.com/account-settings/#Never+URLs click on Never URL. You should be able to specify which sites to save for.

 

[W2R]

Although it's not really what you are asking for, I think ERD50's password method is a great way to eliminate having to call help desks and some other difficulties. It's described in the first three paragraphs here:

http://www.early-retirement.org/forums/f27/those-pesky-security-questions-82952.html#post1765353

I know, I know. I'm thinking to myself, "She really isn't asking for this!!!" And myself thinks to myself, "Yes, but, but but!!! I just HAVE to post about this. This is so cool and it is free."

 

[tulak]

I'd recommend contacting LastPass support for any issues you have. I've done this in the past. They responded quickly and solved my issue.

 

[zinger1457]

1. Lastpass Question -- The huge annoyance I have had with Lastpass over the last few weeks it that it repeatedly tries to save a new login in for websites where I only have one login and it has already been saved. For these websites, it tries to save a new login every time I go there. This is super annoying.

Which browser are you using? I've been using LastPass with Firefox for years and haven't seen this issue.

 

[ERD50]

Although it's not really what you are asking for, I think ERD50's password method is a great way to eliminate having to call help desks and some other difficulties. It's described in the first three paragraphs here:

http://www.early-retirement.org/forums/f27/those-pesky-security-questions-82952.html#post1765353

I know, I know. I'm thinking to myself, "She really isn't asking for this!!!" And myself thinks to myself, "Yes, but, but but!!! I just HAVE to post about this. This is so cool and it is free."

Hah! It's like I have my own personal password manager fan club! I know you do like this little system that I use.

Funny though, our local bank changed hands, and I needed to set up a login and password, and I used this approach again. It often seems that these things work at first, then go by the wayside, but it has continued to work for me for years now. I like it more the longer I use it.

It's so simple, and I'm not reliant on anyone's system or software. No help desk to call. I like it.

-ERD50

 

[cathy63]

If you use Chrome as your browser, then Google will happily remember all your passwords and share them across all your devices for free. You can even access them online at http://passwords.google.com. This works on my laptop, ipad and android phone.

 

[Katsmeow]

I use Chrome as my browser most of the time.

As for not having the problem, I recognized that many people probably didn't have it. But, I found multiple reviews by people who like Lastpass who say this is one of the major cons for it. So, not sure why it is a problem for some and not others, but it is a huge problem for me.

I will contact Lastpass to see if they have any suggestions on how to avoid this problem. I would rather pay $12 than $39.99 a year if I could solve this. Although I think will try out Dashlane in any event to see how I like it.

W2R - I used to use a system similar to that ERD50. I still use it for some passwords. But, in the end it didn't work for me. Two main reasons.

1. Passwords often have to be customized to the site. Some don't allow special characters. Some do. Some allow ! while others don't but will allow * (or whatever). Some put a length requirement on passwords. It has to be at least X characters or exactly Y characters. Some require upper case and lower case letters, others won't allow upper case. So, what I found out was that with the huge number of passwords that I use there were always exceptions that didn't fit the pattern. That is, I couldn't use the pattern for that site and would have to use a variation and then I would forget the variation.

2. I also do have a security concern with this method. If I use the method at a site and that site is compromised could someone figure out the pattern and use it at another site. While I do use a variation of ERD50's method even now, I only use it for sites that are of low importance to me (ie it wouldn't be a big deal if someone got access to the site). But, I have enough other sites that I want them to have passwords that bear no relation to the password to any other site. So, I use random generated passwords for those.

 

[walkinwood]

Here's a thread with the same issue (I think).
https://forums.lastpass.com/viewtopic.php?f=12&t=143495

 

[Katsmeow]

Here's a thread with the same issue (I think).
https://forums.lastpass.com/viewtopic.php?f=12&t=143495

Yes, this is exactly the issue. I am going to try deleting the extension then putting it back in and seeing if that helps since some do that. I will also try adding stuff to the never ask option and see if that helps. Thanks.

 

[ERD50]

...
W2R - I used to use a system similar to that ERD50. I still use it for some passwords. But, in the end it didn't work for me. Two main reasons.

1. Passwords often have to be customized to the site. Some don't allow special characters. Some do. Some allow ! while others don't but will allow * (or whatever). Some put a length requirement on passwords. It has to be at least X characters or exactly Y characters. Some require upper case and lower case letters, others won't allow upper case. So, what I found out was that with the huge number of passwords that I use there were always exceptions that didn't fit the pattern. That is, I couldn't use the pattern for that site and would have to use a variation and then I would forget the variation.
...

Not going to try to 'sell' you on it, do whatever works for you, but this has never been a problem for me. I keep the 'standard keys' a mix of upper/lower case alpha, and numbers. I've never seen a financial site that restricted you to just upper case, or just lower case, or restricted 0-9. If a site require special characters, I put them in the unique section, no special chars in the 'standard keys'. Like:

example keys APPLE123 and zebra789; and I want some form of "local bank" as my unique key for that bank:

for a site that requires 2 special char: APPLE123lclbnk$#zebra789
for a site that forbids special char: APPLE123lclbnksszebra789

and this is written down as "-lclbnk$#-" or "-lclbnkss-"

I've never come across a site that had an exact Y number of char requirement. But if I did, and my keys were too long, I simply drop one of the keys and fill out the rest with the unique key. So that might be written down as "-lclbnk" which tells me add the prefix key, but no suffix key (no trailing '-').

2. I also do have a security concern with this method. If I use the method at a site and that site is compromised could someone figure out the pattern and use it at another site

.

I'm no security expert, but I don't think it works that way. I don't think anyone is putting two and two together, it's just social engineering or brute force attacks on a site. How would they know where else I did business, and how would they know that any part was repeated (other than following this thread! )

-ERD50