LastPass: The Last Password You Have to Remember

6 minute read
Share this:
By Archetype SC
ASC Staff

Every security professional will tell you the importance of creating unique, long, and strong credentials for all of the accounts you have but that can be a daunting task considering how many accounts most of us have today. While all of humanity waits for something better (ie. Biometrics), the username and password is here to stay and we need to embrace its existence. LastPass is a password manager that has some useful features and while it is not the only password manager on the market, it is the one I use and have used for over 5 years for personal use.

LastPass’s offerings include a free version which is full featured with the exception of mobile devices, a premium version which allows access to your ”vault” from your mobile device and other mobile features for $12 yearly, and an enterprise option adding SSO to web applications and other enterprise password management features at a cost starting at $24 yearly per user. I am a premium user and can honestly say that it is something I use every day and encourage others to as well.

LastPass for your browser comes packaged as an extension and works with all of the major browsers. Once installed it will automatically recognize pages with logins and either suggest that it save that site for future logins or fill with credentials you have in your vault. More importantly though, it can create a unique password for that site and save it for you. Next time you visit that site you need only to put in your LastPass master password and it will automatically log you in using the unique password it created without the need to remember it. When a website is breached and credentials are taken, the first thing criminals will do with that information is try and correlate the stolen credentials with other more important sites like your bank or email accounts. Using a unique password for every site is the easiest way you can protect yourself from being hacked.

LastPass mobile brings your vault to your phone or tablet and comes with other mobile features as well. One of the things I have been pleased with over the five years I’ve used it is its updates. The developers are always adding new and useful features making the $12 yearly investment seem worthwhile. Again it is cross platform with all major phone operating systems and comes as an app. The app is multi-functioned because it gives you access to your vault allowing for copy and paste into other browsers but it also come with its own secure browser. If you need to check your accounts you simply open the app, put in your master password, and you are free to securely move from account to account without having to put in any credentials. It will fill your unique passwords automatically making it a huge time saver especially on a touchscreen.

There are dozens of other features bundled with the product including secure storage of notes, form fill profiles and many more that make it a great addition to your online life but one of the coolest is its security check. LastPass will audit your vault and perform several activities. It will check your email addresses against known breaches to make sure your accounts have not been compromised. It also checks for duplicate, old, weak, and compromised passwords and suggests remediation activities. All of this information is compiled and you are given a score to compare your security posture against other Lastpass users. Just released is the option of a one click password change allowing you to tell LastPass to change passwords for multiple sites and it will do it for you.

In closing, everyone has usernames and passwords that need to be used daily and keeping them unique and strong is almost impossible without a system. Too often the “system” is a post-it note stuck to a computer monitor or using the same credentials for multiple sites. LastPass uses local-only decryption and the key never leaves the device meaning that if their systems were breached your information would not be compromised. The vault is stored on their servers using the AES 256-bit encryption and it is routinely increased to keep everything secure.

Check out www.lastpass.com for the latest information

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram