Comment Re:I believe I have a pile of I-told-you-sos to se (Score 1) 206
Lastpass is extremely convenient and I don't know of many practical alternatives that are any more secure against the same threat models.
Keepass with sync to a Google account. Gives you everything Lastpass Premium does for free, and it's more secure to boot. 2FA is free with Google accounts (no need to buy additional hardware), sync to mobile devices is free, and by not running in the browser and allowing you to use an optional keyfile as well as a master password it's more secure.
Well, it is missing support for ChromeOS (which also requires running in the browser).
And I don't really see it as any more secure. Somebody can hack into Lastpass, and somebody can hack into Google. Both are likely fairly robust with their security. Apparently Lastpass is fairly up-front about intrusions.
And nothing prevents you from using a keyfile with lastpass. Just copy/paste it into the password prompt right after typing in your memorized portion of the password.
I'd say that keepass is at best equivalent to lastpass if you're able to access the passwords from multiple systems, and if you don't implement it well you could be worse off.