When I first started building websites in 2010, the idea of needing extremely secure passwords wasn’t foreign to me. At that time, I had a password that had been generated for me by my high school IT person. I had been required to memorize it for school, so I had just been using that 12 digit hexadecimal password for everything. I thought that was security. Boy was I wrong.
Fast forward to a few years later when you started to see major companies having their data breached. Sony in 2011, Adobe in 2013, Yahoo and eBay in 2014 … the list goes on. But I had an account with each of these at the time of their breaches.
So that means my 100% security strength password might as well been “LETMEIN!” because it had been leaked. Any hacker that got their hands on that data could then take it and try other online portals, like my bank account or PayPal.
Bad stuff.
But what choice did I have? A spreadsheet on my computer with all those passwords? That seemed even worse of an idea than using the same password. Sticky notes? Please. I felt completely helpless in this scenario. I mean I can’t even remember my anniversary half the time, let alone 1,100 unique complex passwords.
Enter LastPass. They promise to save all my passwords in a secure way using their internet magic and to do it for free. This sounded way too good to be true. Like… get your bank account drained too good to be true. But it wasn’t!
LastPass is an all-in-one password managing solution. It provides secure passwords, saves login credentials, forms, credit card information in an extremely secure way. LastPass runs via a browser extension or device app. It also has an online web portal to access your information from.
To use LastPass you need to create a master password. This master password needs to be extremely secure since it will be the password you use to access all your passwords.
They use AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to ensure your data is kept secure.
If you don’t understand what that means, take comfort in knowing LastPass doesn’t even have the key to access those passwords – that key is computer generated and saved on your local device. Your master password and those keys are never sent to LastPass.
And to take it even further they have multifactor authentication. Meaning, you can set up your account to require a text verification, fingerprint scan, or a number of other ways to authenticate your login.
Yes. For most use-cases, LastPass is completely free. They do have paid plans that are perfect for businesses with many employees or IT professionals, but the free plan covers all the every-day user’s bases. I personally use the Premium version, since I really love what the company is doing and I want to support that.
in 2020, your browser probably already has something similar to this. However, I’m personally sketched out by my browser saving passwords. If someone were to get access to my computer, they could just rip those passwords – and that would be bad.
LastPass is in the cloud, so you can access it from anywhere.
LastPass’s password capture is really straightforward! First make sure you are logged into your LastPass account via the browser extension. Then when you enter login credentials (or create a new account somewhere), it will automatically grab those credentials and ask you if you want to save them.
I’ve been using LastPass now for 6 years and I have noticed some passwords have been saved incorrectly. Sometimes it grabs the email and uses it as the password, or sometimes it uses your username as the email or vise versa. But if you’re diligent to check when adding passwords to your account, it is truly a time saver. And honestly, it does a pretty good job by itself these days.
Your LastPass vault is the web portal I talked about a little earlier. Every password, email, form field fill, note, file, or credit card information you save is saved into this vault. To access the vault, you need your master password and whatever multistep authentication option you go with.
You can access that vault from any device that has an internet connection and a browser. It’s incredible.
LastPass doesn’t just remember your passwords. It can (and should) create them for you as well. Your password that you think is super secure, the one about your dog and favorite number – sucks. It’s bad. You’re bad at making passwords and you should stop. Instead of making your own passwords, that honestly aren’t secure and will not protect you from the most basic brute force attack, you should just let LastPass create them.
LastPass’s password generator lets you set a length and gives you options for which characters to use. it also lets you decide if you want it to be easy to read or say. And it will fill it in for you automatically.
LastPass’s password generator is the backbone of any secure online profile.
This one is a bit morbid, but I know that my sister-in-law, who is always prepared for anything, would love it. LastPass has a feature called Emergency Access. This allows for your loved ones to access your LastPass account, and therefore all your online accounts if something were to happen to you.
Setting this feature up is as easy as inviting your special someone to the account and granting them that level of access upon your death.
Similar to Emergency Access, LastPass allows you to share individual passwords. This is perfect for sharing these super-secure passwords with your team or family. My wife and I use this feature to share our most important accounts’ passwords with each other: Netflix and our bank. If we ever change the password on any shared password, it gets updated on both of our LastPass accounts automatically. It’s wonderful!
This is a feature that I have to admit that I don’t use too often. I hate it when my browser auto-fills forms for me because of how poorly they have historically done it. And because of that bias, I’m afraid that I’ve never taken the time to fill out the settings in LastPass to see how well it handles the job.
But, if you find yourself filling out a ton of forms online, and you want a program to do it for you, LastPass has you covered.
LastPass’s multifactor authentication process is pretty intense. You can set up just about any 2-step you want, but they take it further by giving you full control as the head of your IT department. You can set up geolocation, timeframes, you name it. Honestly, I’m doing a pretty terrible job of explaining this feature since it’s not something I personally use. But it looks incredible for the secure-savvy micromanagers amongst us. :) Check LastPass’s Landing Page for better details.
Although every password should be super secure, chances are that they aren’t. And although every website you create an account on should be safe, chances are they’ll be breached during the time you have an account with them. That’s where this security challenge feature comes in.
Not only does it give you a rundown of all your passwords security strength, but it also tells you if an email address has been leaked or if a website you have an account with has been breached.
The year is 2020 and you probably have a smartphone. In fact, you’re probably reading this sentence on your smartphone. LastPass knows that, so they’ve created an app for your device.
I personally use an iPhone and I have the iOS app. Recently, Apple began allowing apps to talk to one another, so now you can even use your fingerprint scanner or Face Id on your device to access your passwords. You can then use that to fill in the passwords on any app. It’s incredibly helpful when trying to log into Netflix while on vacation. :)