Security Review: LastPass Enterprise password sharing as Passwords.gpg alternative

RESOLVED FIXED

Status

RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: mjeffries, Assigned: kang)

Tracking

Details

(Reporter)

Description

4 years ago
We are investigating whether LastPass Enterprise's password sharing feature could be used as an alternative group password manager to our present system leveraging passwords.gpg. LastPass would be linked to LDAP, and should provide encrypted, granular management of shared passwords. If successful, it would enable password management on a per-system basis, and no longer need the svn/gpg process we presently use for managing passwords.

This is related to bug 705189.
The review has been performed and recorded at https://mana.mozilla.org/wiki/display/SECURITY/LastPass+enterprise+for+shared+passwords+review

If you want to discuss again the results and remediations/mitigation, or get a review with a different scope we can do that tho :)
Assignee: nobody → gdestuynder
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.