We all heavily depend on password-protected sites and apps. Between social networking, work emails, personal emails, and online banking, using the same password for everything may seem convenient. But using one password across multiple accounts makes you much more vulnerable to hackers and security breaches. Luckily, there are password managers that allow you to store all of your unique passwords in one place.
One of the most popular password managers around is a web-based service called LastPass. It’s an easy-to-use password manager that stores passwords and other sensitive information, while using added security measures to keep your passwords as strong as possible. And while LastPass offers premium paid features, you can use it for free.
How It Works
LastPass acts as a “vault” for all of your passwords. To access the vault, you first have to create a master password. This is the password you will use to login to LastPass. Once you’re in, you have access to all of your stored passwords. The interface is simple, easy to read, and easy to navigate. You can also create folders for different types of passwords (for example, one for social media, one for all of your emails, one for streaming services, a family folder, etc).
In addition to storing passwords, you can also store information like addresses, credit card information, bank account information, health insurance information, and more. You can even add a secure note, which includes the option to upload a PDF document. To add an item, simply click on “Add item” at the bottom of the screen, and then select which kind of information you want to add. The categories are also conveniently categorized on the left in the collapsable tab.
How To Install
To use LastPass, you have to install the extension onto your web browser. Once it’s installed, click on it (it looks like an ellipsis), and enter your email address. You will then be asked to create your master password, which should be a strong password that you haven’t used before, since it will be protecting all of your other passwords. Once it’s installed, you can click on the extension in your browser and access your vault whenever you are connected to the internet. You can also download a desktop app to access it offline.
Generating A Password
LastPass allows you to generate unique, complex passwords whenever you are making a new account online. When creating the account, click the “generate password” field icon to open the password generator. LastPass will create the password and then automatically save it both to your vault and in the autofill section for that website. You can also make changes to the generated password by clicking “show options.” It’s easy to update passwords, as well.
LastPass also gives you the option to securely share your passwords. Once you’re in the vault, go to the icon for the account associated with the password you want to share. Then you can enter the email address of the LastPass user you want to share the information with. If they don’t already have an account, they will be invited to create one. Once that person has an account, they will be able to view the password. You can also share an entire folder.
The Security Challenge is a unique feature which helps you maximize the strength of your individual passwords, all while teaching you helpful password management skills that are helpful to know anyway. When you take the “challenge,” it first tests your passwords and tells you how secure they are. For instance, if you test a password that you use for multiple accounts, LastPass will tell you to change it (using the same password more than once leaves you more vulnerable to hacks). It will then run a security breach test against any email address associated with one of your saved passwords. If a security breach is found, the details of the breach are emailed to the affected email address. You can opt to run this test for as little or as many email addresses as you want. LastPass also provides a full, detailed report of every login and password stored in your vault. The report indicates duplicates, compromised passwords, weak passwords, and old passwords.
LastPass will assign you a numerical percentage for your overall security score. When you change a weak password or generate a new one when it’s time (every 90 days), your score improves.
Premium Vs. Free
For only $2/month, you can upgrade to LastPass Premium. Premium includes added benefits, like a universal sync feature that automatically syncs your passwords across multiple devices and operating systems. Premium also comes with advanced two-factor authentication options, like fingerprint authentication and a USB verification option.
While these are helpful features, there isn’t that much of a difference between the premium version and the free version. Some users may find it might make life a bit easier for $24/year. But it’s not necessary.
Other Pricing Options
LastPass Families allows you to create one vault for an entire family. Each family member has access to the vault using their personal email, but one designated “family manager” decides which member can view certain folders and information. For example, you can allow your kids to view the Netflix password, but deny them access to your credit card information.
There are also two business options: LastPass Teams, for smaller businesses or inter-departmental use, and LastPass Enterprise, for larger businesses. Both options eliminate the need for a shared password spreadsheet and allow for easy and secure information sharing. LastPass Enterprise offers even more advanced management options and directory integration.
LastPass is web-based, so you must be connected to the internet to access the LastPass vault. For those who are extra cautious when it comes to cybersecurity, using an internet-based system to manage sensitive information might not seem ideal, as these systems tend to be more susceptible to security breaches. However, LastPass encrypts locally, meaning that the data stored in your LastPass vault is encrypted and decrypted on your device. So your master password and all of your encryption keys are essentially invisible to LastPass and cannot be accessed on the company’s servers.
LastPass offers other additional security measures, like multi-factor authentication. This allows you to send verification codes to a designated device (most commonly a smartphone), which you will need in order to login. You can also download the LastPass mobile app, and use that to get the authentication code.
Advanced premium options include fingerprint verification and a special USB authentication device, if you want to be extra cautious. Additionally, you can designate “never URLs,” which allows you to list specific sites that you never want a password saved for.
LastPass has had its share of run-ins with hackers in the past. In 2011, LastPass issued an alert to its users that there was “unexplained traffic” on one of their servers, and cautioned them to change their master password. There was a more significant attack in 2015, when LastPass announced that their servers were compromised, and encouraged its users to change their master password. After investigating the incident, they found that no encrypted user information was taken.
Since LastPass uses a one-sided encryption process, it would be extremely difficult for hackers to gain access to the vault; if anything, hackers may have been able to expose users’ email addresses, but that doesn’t provide any information beyond that person using LastPass with that email address. Nonetheless, LastPass was extremely open about the incidents on their website, offering an in-depth explanation of what happened and ensuring users that they have increased security measures to maximize security.
LastPass also offers a mobile app for iOS, Android, and Windows. Once you install the app on your phone, you will have to enable the device by confirming it through the email associated with your account. The interface for the mobile app is straightforward and easy to read. The mobile app is compatible with Safari and Chrome browsers, but in order to utilize the LastPass autofill within other apps, the app must be compatible with LastPass. For apps that are not compatible, you can copy and past credentials from the LastPass app into the app you are trying to use.
- LastPass Personal: free to download, includes a free 30 day trial of LastPass Premium
- LastPass Premium: $2/month, one user
- LastPass Family: $4/month, six users
- LastPass Team: $29 annually per user, 5-50 users
- LastPass Enterprise: $48 annually per user, 5+ users
Who It Might Be Good For
- Anyone looking for a free, trusted password manager
- Someone seeking an easy-to-use password manager
- Anyone looking to generate secure passwords with one click
- Families looking for communal access and parental control to passwords (Premium)
Who It Might Not Be Good For
- Someone who doesn’t want a browser-dependent password manager, as an internet connection is required for use
Password managers in general are extremely helpful in keeping all of your passwords secure, and LastPass is so easy to use that there’s very little reason for anyone not to try it. Creating a unique, complex password for all of your accounts can be tedious and hard to manage, but it’s an enormously helpful security measure that LastPass makes extremely simple. The family option is especially great for families, as it provides easy-to-use control over your kids’ account access. The LastPass interface is easy to navigate, so it’s also ideal for people who aren’t computer-savvy.