Is it safe to use XMarks and LastPass?

Gustavo Ibarguengoytia May 27, 2011

I have Firefox 4 at work and a personal PC, and an iPhone with Opera Mini (the Firefox solution isn’t very good for the iPhone). I want to synch my bookmarks across the different devices and browsers.

I knew XMarks could do this, but it was acquiered by LastPass and recently they had a security breach of sorts. Is it safe to use their service after the event? Are there other solutions?


  1. Tina
    October 23, 2011 at 2:09 pm

    Comment from Tom removed by request:

    I don't see the problem with using LastPass to store [very] sensitive information. Password/data are stored on the LastPass servers and on your computer in an encrypted manner which, if you have chosen a strong master password, would not allow a hacker to crack, even if it managed to get access through the corporate firewalls of LastPass or on your local computer.

    I believe the real threat are keyloggers which must be kept at bay using anti-virus and anti-spyware software which must be kept updated with the latest definitions at all time.

  2. emrecnl
    June 1, 2011 at 3:13 pm

    I'm agreed with Fidelis, it is the same way I use Lastpass. Few basic rules I made up and following, no master email account and no banking account information should be kept in Lastpass.

  3. Gustavo Ibarguengoytia
    June 1, 2011 at 1:19 pm

    Thank you all! Lots of great answers, I'll be checking it out now.

  4. Steven Thomsen-Jones
    June 1, 2011 at 8:51 am

    The way I see it, Lastpass has one real thing to do, look after the security of it's data. Even with any attempted breech of their security storing my passwords, and now websites thanks to XMarks, on their systems is still infinity more secure than having them stored locally on any device I happen to be using.

  5. Taylor Gibb
    June 1, 2011 at 4:20 am

    i use last pass as i have too many user names and password just make sure you use a different password for every site and if someone hacks them and gets one of your passwords they wont have access to all your sites, with that said the likelihood of that happening is kinda low in my opinion as a company focused on storing very sensitive information they have people constantly monitoring there database and other servers if it even picks up one anomaly it will alert them even if it is not a breach. Now that we got that covered they also transport all traffic using SSL with 256-Bit AES encryption NOBODY is going to hack that just, i use them everyday of my life and have never had a problem and IMHO i think it isa great service.

  6. Tom
    June 1, 2011 at 1:47 am

    The LastPass breach was only a potential problem if your master password was weak. they key to important passwords is complexity. As long as you have at least two each of at least 3 of 4 characters types (Upper/lower/number/special), and are not using dictionary words, you should be safe.

    May 30, 2011 at 11:36 am

    Hello, I have not stopped using lastpass.  I keep changing passwords often anyways...and also I do not keep banking or other really important information there, not because of the so called anomaly but because I rather keep some things really private.  

  8. Anonymous
    May 30, 2011 at 6:40 am

    Even microsoft can be hacked so a smaller LastPass is not an exception, but developpers do all possibles to make stronger security soft but there is always a hacker back there looking.

    Why potential LastPass data breach isn't last straw

    Cross Site Scripting vulnerability reported, fixed

  9. John
    May 29, 2011 at 9:54 pm

    The "security breach" in LastPass was their way of letting everyone know that a traffic anomaly had been detected in their system. No breach has so far been confirmed - and most other companies would probably not even mention such a situation to their customers. Read more on their blog,

    IMHO, LastPass and XMarks is as safe as you can get from a cloud-based service nowadays. As long a you use a good master password (for LastPass, that is), you can feel as safe as anywhere else. If that is not enough, you can use two-factor authentication for extra safegurading. I do not know how XMarks integrates with LastPass yet, if at all, but I would not hesitate to use XMarks at this time.

Ads by Google