There are those who will see the latest LastPass hack as a vindication of their view that online password managers are a disaster waiting to happen. Frankly, despite some of the hyperbolic headlines, I believe the concept is still sound.
First, it’s nearly impossible for any particular user to manage his internet presence without a password manager simply because reusing usernames and passwords becomes more inevitable if you’re generating them any other way than a manager, and reuse of easily remembered passwords is a far greater vulnerability. LastPass has a good reputation for fixing its mistakes and continuing to work hard to safeguard user data, so in the rub, a service like LastPass is still the way to go.
Second, the way LastPass protects the most important asset we entrust to them–usernames and passwords to other sites–is still fundamentally sound. Even if hackers manage to break the encryption on any individual set of user data, that likely does not give them access to everyone’s data.
Third, like most reputable web services, LastPass allows for additional safeguards like multifactor authentication to help further increase security. Using LastPass at the highest security setting is still the safest bet over the same username and password over and over.
Granted, the damage could still be more severe that LastPass currently knows, but my view right now is that it is not and the service is still safe. If it proves to be otherwise, we’ll have to dig into alternatives.
Or, caveat emptor always applies.
If you’re at all like me and follow the crowdfunding world with a sense of excited curiosity, then you can’t help but to have noticed the crop of “how not to get scammed” articles littering the tech writing world in the wake of the FTC ruling over a known Kickstarter based fraud. I think the thing that surprises me the most about all of this is the apparent naivety it seems to reveal about the crowdfunding world.
Don’t get me wrong, because I don’t think even most crowdfunders are naive. Rather, I think enough of them are that their collective outcry when a campaign fails or turns out to be a scam gets a lot of attention. And that attention seems to come from the fact that not a small number of people think the crowdfunding world is somehow immune from the risks that have attended all ventures since the beginning of mankind.
Quite to the contrary, crowdfunding is its own unique kind of risky venture because it lets anyone who wants to help incubate ideas that other forms of venture would never would probably never let see the light of day. It democratizes the incubation of ideas, and as anyone who has paid attention to democracy will note, it’s a messy, error-prone process.
So, yes, crowdfunding efforts are going to fail. Even ones for great ideas. Scamsters are going to succeed in separating people from their cash. Even seasoned venture capitalists fall for that (Dot.com bubble or Enron anyone?). Neither of those facts make the process bad. Rather, they reveal crowdfunding has risk. If that bothers you, don’t participate.
As for me, I take the risk because I enjoy the potential outcome. That’s worth losing some money once or twice, because the potential reward so often outstrips the risk.