Closed Bug 1024810 Opened 10 years ago Closed 10 years ago

Security Review: LastPass Enterprise password sharing as Passwords.gpg alternative

Categories

(mozilla.org :: Security Assurance: Review Request, task)

Product:
mozilla.org
Component:
Security Assurance: Review Request
Platform:
x86
macOS
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: mjeffries, Assigned: kang)

Details

We are investigating whether LastPass Enterprise's password sharing feature could be used as an alternative group password manager to our present system leveraging passwords.gpg. LastPass would be linked to LDAP, and should provide encrypted, granular management of shared passwords. If successful, it would enable password management on a per-system basis, and no longer need the svn/gpg process we presently use for managing passwords.

This is related to bug 705189.
The review has been performed and recorded at https://mana.mozilla.org/wiki/display/SECURITY/LastPass+enterprise+for+shared+passwords+review

If you want to discuss again the results and remediations/mitigation, or get a review with a different scope we can do that tho :)
Assignee: nobody → gdestuynder
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.