back to article Furious LastPass fans fear password wrangler's fate amid LogMeIn's gobble

LastPass has been acquired by LogMeIn, and people are deeply unhappy about the deal. The password manager announced on Friday that it was being gobbled up by the remote-desktop software biz LogMeIn for $125m. It's expected that the deal will close over the next several weeks. LogMeIn didn't provide details about what it would …

  1. Anonymous Coward
    Anonymous Coward

    Merger speaks

    The most feared words in a merger is ""we have no plans to ....

    That means the plans are set, the schedule is locked in concert, the layoffs will start soon and the product has enter the death spiral of the new company's need to save money to pay the lawyers/people who are paying for the merger.

    Time to kiss LastPass goodbye.

    1. Mark 65

      Re: Merger speaks

      You just spunked $125m on a company. There is absolutely no way you are not going to try to

      "extract value" from that transaction.

  2. oneeye

    Famous .....LAST ...words !

    CEO statement about nothing will change, where have we all heard that before? My strong recomendation is KeyPass as they cover all platforms,and especially on Android they avoid using clipboard because of the vulnerabilities. That being it can be read globally by all other apps. LastPass did,and continued to utilize the clipboard on Android,and refused to even warn their users. So the CEOs credibility is non-existent ! IMHO

    So all you teed off customers, Go Find KeyPass, I know you will like it. Plus,it's open-source for those of you who care.

    1. DropBear

      Re: Famous .....LAST ...words !

      1) It's "KeePass" and

      2) I'm especially fond of it considering it supports InputStick which allows you to take a USB-stick-sized thingy and start logging in left right and center to anything that supports a USB keyboard from KeePass on your smartphone.

  3. tkioz
    Unhappy

    Wonderful

    Oh joy. Why is it every software company feels the urge to 'bundle' their services... I use LastPass for managing my passwords, that's it. I don't want anything else from them...

    1. big_D Silver badge

      Re: Wonderful

      I'll wait and see. I don't see any problem at the moment.

  4. batfastad
    Big Brother

    All your base

    All your passwords are belong to ----------------------------------------------------------->

  5. Anonymous Coward
    Anonymous Coward

    Passwords combined with a remote access tool,!

    Was this merger sponsored by the NSA?

  6. fidodogbreath
    Unhappy

    This is deeply unfortunate.

    LogMeIn is NOT a trustworthy or reliable partner. LastPass users can expect massive price increases with little or no advance notice; reduced functionality; lousy support (if you get a response at all); and forced bundling of unwanted products, most likely to "justify" the aforementioned price hikes.

    I've been a paying LastPass user for years, but I've seen firsthand how LogMeIn treats its customers. I refuse to do business with them again, under any circumstances.

  7. Anonymous Coward
    Anonymous Coward

    Odd, for some reason I haven't renewed this year

    guess I never will.

  8. Kev99 Silver badge

    I have lost pass, I mean LastPass, at work. The only reason I do is because Chrome & Firefox won't play together nicely. I can't stand Chrome but that was the standard. I've switched to Firefox but I need LastPass to get my passwords from Chrome to Firefox. Once that's done, so is LastPass.

    1. 404

      Open Chrome, open 'Settings', scroll down to 'Advanced settings', scroll down to 'Passwords and Forms', click on 'Manage Passwords'. Click on whatever.com to highlight, then click 'Show'. Popup asking for system account password, do it.

      Passwords.

  9. Paul

    If you use XMarks (once foxmarks) for bookmark sychronisation then maybe you need to be reminded that lastpass bought xmarks.

    so you may need to find a new bookmark sync service too.

    1. Jay 2

      Bugger, I thought LastPass sounded a bit familiar. Hmm, annoying as I really like Xmarks as it manages to tie up multiple browsers on multiple platforms (with only the odd problem).

  10. Marco Fontani

    One more reason for pass ("password store")...

  11. JakeMS
    Thumb Up

    Oh the irony..

    The amount of times people have said to me "Hey, why bother using local password managers when you can use a secure cloud platform like lastpass which will always be available?"

    .. Well this is why.

    Also, isn't it pretty much standard that when company X gets purchased by company Z that users of company X's products almost always complain about the sale?

    I don't think I've ever heard of a company sale where users of said sold companies products have "hit the streets of the internet" to celebrate and party about it?

    1. DryBones

      Re: Oh the irony..

      Well, generally because if the purchase was an improvement, what were all those people doing using that crap in the first place?

    2. P. Lee

      Re: Oh the irony..

      There is no safe cloud, unless its your own cloud.

      My cloud client software happens to be an IPSEC client and sshfs.

      I have more storage and compute than I can use, plus jurisdictional certainty.

      With the way commerce is tending these days, you always need to have an "alternative plan" for every part of the infrastructure you don't actually own outright, or which can't stand alone from third parties.

      Why does every appliance vendor under the sun either write their own os or use linux/bsd? Because you can never trust a third party.

      1. Mark 65

        Re: Oh the irony..

        There is no safe cloud, unless its your own cloud.

        Maybe we need an extension to owncloud for this so we can run our own LastPass service and thus reduce the single pot of gold angle.

  12. J.Smith

    Dashlane...

    Is supposed to be good. Perhaps time to look at that (and other alternatives). Shame, I love(d) LastPass.

  13. reghark

    I'm still pissed at LMI for the data breach where every user's email address ended up on a spammer's mailing list.

    For LMI to make a profit on a $125m purchase cost, then they will need to do some stuff which will displease.... uh, everyone.

  14. Anonymous Coward
    Anonymous Coward

    What a shame, just as we were preparing to roll out enterprise-wide as well.... have to find some other tool now.. *sigh*

    1. Anonymous Coward
      Anonymous Coward

      It could have been worse. It could be 5 months after everyone in your enterprise finally started accepting it. Not looking forward to what's no doubt coming.

  15. tflopper

    On another note, anybody know any good cross platform password management products? Maybe the developers from lastpass could start a new company?

    1. JakeMS

      I've used KeePassX for years now, it's cross platform, or you can try KeePass (without the X) which is effectively the same thing, again cross platform except the Linux version of KeePass runs through *shudders* Mono .Net

      But that's where KeePassX comes in as it has a native Linux version :-).

      (Hence my choice of KeePassX over KeePass)

      1. fidodogbreath

        My main concern with KeePassX is that the current version (0.4.3) was released in March 2010. Doesn't seem like it gets much attention from the devs. KeePass, OTOH, is regularly updated.

    2. Phil Kingston

      Roboform for me.

      Unlike LastPass it actually works if you have more than a few hundred passwords. And supports most platforms/has a portable version etc.

  16. wxwalsh

    Dont believe anything LastPass says about the future

    Dont believe anything LastPass says about the future, they stand to get an additional 15 million as a retention bonus if they can convince enough suckers to stick around. That tells me that LogMeIn anticipated the backlash. They know we all see them for what they are.

    1. Anonymous Coward
      Anonymous Coward

      Re: Dont believe anything LastPass says about the future

      That sounds interesting. Got a source for the $15mm number?

      1. fidodogbreath

        Re: Dont believe anything LastPass says about the future

        It's in the LogMeIn press release about the deal. Scroll down to Transaction Details.

        https://investor.logmeininc.com/about-us/investors/news/press-release-details/2015/LogMeIn-to-Acquire-Password-Management-Leader-LastPass/default.aspx

  17. Aslan

    LastPass blocks comments on announcement post

    El Reg, would you please update the story to include that Lastpass has been censuring user comments on their blog post and announcement at https://blog.lastpass.com/2015/10/lastpass-joins-logmein.html/ letting through some ones which are slightly negative, but they have gotten so many negative responses that they closed comments entirely?

    1. phuzz Silver badge
      Facepalm

      Re: LastPass blocks comments on announcement post

      The only news there is that they were daft enough to leave comments enabled on that post in the first place.

      "Company removes negative comments from it's own website" isn't really censorship, it's just PR.

  18. Anonymous Coward
    Anonymous Coward

    Merge/takeover aside...

    what idiot would put passwords with a 3rd-party on the cloud? No amount of client-side encryption can save you from a pre-encryption intercept on the web.

    1. Phil Kingston

      Re: Merge/takeover aside...

      Probably someone who knows a bit more about it.

  19. Anonymous Coward
    Anonymous Coward

    Password Safe

    I've been using it for years. Versions for Linux, Windows, and clones for iOS. Not sure about a version for OS/X. Designed by Bruce Schneier FWTW. That wasn't a consideration, just ease of use, defaults, and doesn't mind where/how I'm plucking the password database from. [On this I'm very squirrelly. Copies squirreled all over the place.]

  20. Anonymous Coward
    Windows

    Time for MSFT to step-in

    With MSFT's expertise at cross-platform apps for iOS/Android, plus the WIndows 10 'hello' service etc. having them develop a secure pass-manager linked to Azure is what we want! (Oh yes we do!)

    1. Anonymous Coward
      Anonymous Coward

      Re: Time for MSFT to step-in

      Have an upvote for quality trolling.

    2. Tomato42
      Meh

      Re: Time for MSFT to step-in

      you may be trolling, but actually I'd see Microsoft takover in a better light than LogMeIn one

  21. Candy

    Another for the chorus.

    Having been royally f-, er, done over by LogMeIn in the past, I am also not leaving anything I use in their control.

    By choosing to move, I will at least have more than 5 days notice to either cough up or find an alternative. LogMeIn are neither forgiven nor forgotten.

    "Fool me twice" protocols engaged...

    1. Vince

      Re: Another for the chorus.

      That's the same LogMeIn that has been steadily increasing the pricing for basic functionality for the core product every year - from £0 subscription and pay £30 for a mobile app, and £30 for a desktop app, to £500 a year subscription and rising, and yet you get less functionality now than you did before for that money.

      Yeah, avoid... run...

  22. WinBot

    The future of LastPass is publically documented on the Meldium blog

    As a loyal and paying customer of LastPass I started my due dilligence process on LastPass and alternatives...

    You may want to update the article with what I found on the Meldium (a LogMeIn company) blog (http://blog.meldium.com/home/2015/10/9/joining-forces-with-lastpass):

    Quote: "Will I be able to migrate to LastPass?

    In early 2016 we expect to be able to offer all of our customers the opportunity to seamlessly migrate to a new comparable version LastPass.

    Will LastPass offer the same features as Meldium does today?

    That is our intent, to take the best of both products and deliver a phenomenal product to individuals, teams, small business and enterprises built on a secure platform with an intuitive experience."

    So Meldium will "disappear" and LastPass will be "enriched" with Meldium features...

    tl;dr We have until end 2015 to evaluate migration options from LP to another solution (including possibly the "enriched" LP)

    1. Roland6 Silver badge

      Re: The future of LastPass is publically documented on the Meldium blog

      "tl;dr We have until end 2015 to evaluate migration options from LP to another solution (including possibly the "enriched" LP)"

      And from the LogMeIn experience we know that the choice will be to join the subscription only service (priced for enterprise rather than consumers) to get the Meldium enriched LastPass service or have 5-days to clear your stuff out.

  23. Anonymous Coward
    Anonymous Coward

    LastofLastpass

    On a hunch I exported my details a few days ago in a .CSV format that easily imported into something else.

    Post announcement I went to export again and the format had changed (php dumped into a screen full of text)

    I assume this was to make it harder to jump ship or trigger a network data scrape. Please feel free to use the clipboard, it's not monitored!

    Did anybody else get to compare output before and after announcement?, felt phishy to me.

    1. Roland6 Silver badge

      Re: LastofLastpass

      Just done an Export and get and html file, the first part of which is in csv:

      url,username,password,extra,name,grouping,fav

      However, I note at the bottom it also lists all my WiFi logins which seem to break the format. So it would seem the file needs editing/selective copy-paste to enable import into something else.

      [Aside: Just found this interesting thread.

      https://forums.lastpass.com/viewtopic.php?f=12&t=148595 ]

      1. Anonymous Coward
        Anonymous Coward

        Re: LastofLastpass

        @Roland6 - Interesting, might be related to an old bug, tried it on one machine got the "screen full" but was spooked enough to just delete another account without a fresh export.

        The first machine was one I had previously exported to CVS three days defore, might have clicked via a second link process, but both times same browser OS etc, either way glad I'm free of it now, ones less bug to work around.

  24. Tockolock

    Who is LogMeIn owned by., China, Russia, C.I.A. N.S.A. G.C.H.Q. or any of the security agencies who think its their god given right to spy on us

    goodby to last pass I have used it for years. Now all my 42 passwords will have to be changed thanks a bunch LogMein

  25. Anonymous Coward
    Anonymous Coward

    "First of all, we (LogMeIn/LastPass) have no plans to change our existing business model,"

    lol, he read it off the trusted, post-aquisition script. And you know what happens then, sure as end of the world :)

  26. Anonymous Coward
    Anonymous Coward

    Another open-source alternative: passopolis

    "Run away" sounds like broad consensus.

    Another alternative is the recently open-sourced 'passopolis' (formerly mitro).

    All code is on github and implementation seems to be cleaner than LP.

    Importing into passopolis from LP was very straightforward following the published instructions.

  27. Paul Stimpson

    I just looked at 1Password. It looked quite good except there is no Linux version (I need support on Windows, Linux and Android to cover all the machines I use regularly). I asked if they had a Linux version on their roadmap and they responded "Thank you for your interest in this, but we don't normally discuss future plans."

    I'm not inclined to enter into a trust relationship with a company that won't be open and honest about something as basic as whether or not they are contemplating supporting a platform I want to use it on.

    Will be looking at Keepass and Password Safe next.

  28. Anonymous Coward
    Anonymous Coward

    After reading about this take over, I have just moved to Sticky Password. It seems quite good.

    I have deleted the logins that I had stored under LastPass, but I cannot find a way to actually delete my account.

    Still, I suppose an inactive account counts towards total user count in the scheme of things.

    Yes folks, we have x million registered users. No idea how many actually use the service though.

  29. Henry Wertz 1 Gold badge

    Surprised

    I'm surprised there's this much backlash, honestly.

    I was surprised when LogMeIn dropped the free service, instead of just having a trial or putting service limits on it or something (after all, how are they going to grow their user base? I wouldn't have recommended buying LogMeIn service if I hadn't been able to try it first...) But I didn't end up with any problems with the service.

    Is it fears they'll force-bundle LastPass with some other junk? Or that they'll turn it into some mutant hybrid of LastPass and LogMeIn's password service (that I'm not going to bother scrolling up to see what it's called?) Other problems with LogMeIn? General buyout fears?

    1. Alan Brown Silver badge

      Re: Surprised

      "I'm surprised there's this much backlash, honestly."

      You clearly haven't been following security news. Logmein doesn't exactly have a stellar reputation.

    2. Cuddles

      Re: Surprised

      I can't say I'm actually surprised, this being the internet and all, but I am having trouble seeing exactly what the fuss is about. I've never even heard of LogmeIn before, but most of the complaints seem to be that they decided to charge for their product rather than giving it away for free. Not what I'd consider the worst offence ever for a company which presumably employs people who enjoy being able to eat. The concern appears to be simply that they might raise the price of using LastPass as well. Well OK, if they raise it to a point I don't consider it worth the cost, I will stop using it. If they don't, I don't see a problem. Making a big fuss that the price of a service might increase by some undefined amount at some unknown point in the future just doesn't seem particularly productive.

      1. Anonymous Coward
        Anonymous Coward

        Re: Surprised

        We use LP and we pay for it.

        We use them because they're _not_ LMI and that's a business decision based on LMI's support and security levels (pricing was only a secondary consideration).

        Now we have to find another camel to carry the load.

  30. Mark 15

    Double, Triple, Quadruple - How much can you squeeze from your customers.

    Having been a LMI customer until early this year, we had to find an alternative as the price doubled year on year. They priced themselves out of the market and would just ignore attempts to contact them. A sad day for Lastpass.

  31. trillyuk

    Another alternative

    For those looking for an alternative to LP I have used Roboform for many years and surprised no one has mentioned it as an option so far, it won’t ne for everyone but they support desktop, usb portable and a cloud based sync to every device. There are MAC, Windows and Linux versions, Android and IOS variants and even a Windows Phone version but that was for Win 5/6 last time I looked.

    As well as a password manager it works well as a favourite / bookmark manager as well and supports 2 factor authentication and touch ID on IOS and private key to encrypt passwords locally on cloud.

    I look at lastpass a few years ago but preferred the interface to roboform whose support is reasonably responsive to the odd query I have thrown at them.

    Worth a look even if to rule it out.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon