What Happened When The DEA Demanded Passwords From LastPass

  • April 13, 2019

durantash
Community Leader
The government makes very few demands for data from password managers, but when it does it expects a lot, including login information, Forbes has learned.

In one case—the first documented government request to any major password manager—the Drug Enforcement Administration (DEA) demanded logins and physical and IP addresses, as well as communications between a user and LogMeIn, the owner of massively popular tool LastPass. It’s an encrypted vault for storing passwords. The DEA was seeking information related to a LastPass customer, Stephan Caamano, suspected of dealing drugs via the dark Web and Reddit, according to a search warrant detailing the request.

  • April 17, 2019
Thanks for posting, @durantash,

I found the following paragraph particularly good to know...

"Despite its demand, the government could never have expected passwords from LastPass. A LogMeIn spokesperson explained: “User passwords stored on LogMeIn's servers are only done so in an encrypted format. The only way they get decrypted is on the user’s side, and the way that happens—the decryption key—is the user’s master password (used to log into LastPass), which is never received by or available to LogMeIn/LastPass. In other words, we have no means of decrypting user password information on our side, and thus, we are unable to provide these passwords.”"