Reply To: Last Pass Password Manager
LastPass claim that the passwords are encrypted, and stored only on my PC.
Your data is encrypted and decrypted at the device level. Data stored in your vault is kept secret, even from LastPass. Your master password, and the keys used to encrypt and decrypt data, are never sent to LastPass’ servers, and are never accessible by LastPass.
They mean the unencrypted passwords along with the master password are never sent to their servers so they have no way of discovering your passwords. The major advantage of LastPass over something like KeePass is the syncing of passwords between devices so they need to have the encrypted passwords for that to work. LastPass’s other big convenience is the auto filling in of passwords but that’s also the biggest security risk as you can see from its Wikipedia page.
If you’d like more info, LastPass was covered in this episode of Security Now.