LastPass Quirks

lastpass-callout-screenshotLastPass Quirks: a reader asks…

I’m ready to take your advice on using a password manager. Is there anything I need to know about LastPass before I pull the trigger?

The LastPass website has a number of tutorials that you should spend the time to watch. Watch the basic tutorial at at https://lastpass.com/basic.php. You may also want to watch at least some of the screencasts at https://lastpass.com/support_screencasts.php. And the main manual is at https://helpdesk.lastpass.com/. If you’re new to password managers, you need to learn how to use them, just like you’d learn to drive a car if you never drove one before.

lastpass-versions-screenshotI should say that all password managers are a little kludgey in that they insert themselves between you and the places you log in, and their processes may not be as simple and seamless as they’d like you to think. Of the password managers I’ve tried, I’ve found LastPass to be the easiest to use. First, you need to recognize that there are different flavors of LastPass. There’s the free version which is great, and the premium version which has more benefits, Lastpass for Families and Lastpass for Business. While many individuals can get by with the free version, the Premium version is only $24/year and I think the added benefits are worthwhile. They are: One-to-many sharing, Emergency access, Advanced multi-factor options, Priority tech support, LastPass for applications, and 1GB encrypted file storage. But the most important reason for upgrading to Premium is that you can then use LastPass on multiple, different platforms – the free version is limited to one platform.

What that means is that you can use your LastPass Free account on your desktop/laptop computer, and therefore on any desktop/laptop computer. Or you can use it on your smartphone and therefore on any smartphone. Or on a tablet and any tablet. Want to use it on both your computer and smartphone? For that you need Premium.

lastpass-extension-in-chrome-screenshotThe 2nd thing to be aware of is that for the most part, LastPass on your computer works as a browser extension, rather than its own full-featured program. It’s meant to be lean and quick, and for the most part, is. Since most of your password managing needs are at websites, this makes good sense. When you install the LastPass extension, it works within the web browser, giving you password help when you need it. You don’t have to run a separate program just to get access to your passwords.

When you need to open your vault to look at what it has, or to open the LastPass preferences or other controls, you do this within your web browser, which opens a new tab to the item you want. You can use this to also create other kinds of LastPass entries besides websites. Such as secure notes that hold any kind of information you want, drivers license, credit card, bank account, whatever. Just click on the extension icon showing in the top-right of your browser window to pop open a menu and choose a menu option. One nice thing about this menu, there’s a handy item to create a new, secure password on the fly, which you can then copy and paste anywhere you need it.

lastpass-duplicate-password-warning-screenshotAnother quirk about LastPass is that sometimes when you click on the extension icon (in the top-right of your browser window above the webpage and by the elipsis control icon), sometimes you’ll see a menu of choices, and sometimes you’ll see a warning of a duplicate password being used. Over time you should be changing passwords (and using the password generator in LastPass) so that every unique website, app or destination has a strong and unique password – never use the same password on multiple sites.

Advertisement

This duplicate password warning should be taken seriously, since if any one of your websites is hacked and your password stolen, the hacker could then access other sites where you used the same password. Anytime you see this warning you should take a moment to change the access password on that website (and update LastPass). If you never see this warning, good for you – you don’t have any duplicate passwords in use!

lastpass-secure-note-template-drop-down-list-screenshotI would encourage you to use LastPass for more than just website passwords.Your vault has secure notes that can be configured in a lot of different ways to hold whatever information you hold dear. Insurance policy numbers, your driver’s license number, credit card information, and more. There are templates on a drop-down list that adjusts the form of a new secure note to these different types: address, bank account, credit card, database, driver’s license, email account, health insurance, instant messenger, insurance, membership, passport SSH key, server, social security number, software license, and Wi-Fi password. This is in addition to the generic form (with no special fields), and there’s even a custom form feature so you can create any special form types (with custom form fields) that you like.

You can organize all your vault records into various types of folders such as personal, business, security, shopping and a slew more. You can also create your own categories of folders for organizing along whatever method you like. You can share notes with others, although I’d consider that lowering your security. You are best off not sharing any of your passwords with anyone, let others use their own LastPass accounts – LastPass has a family subscription that works quite well for that.

lastpass-menu-screenshotSome website login forms aren’t coded in standard formats that LastPass can recognize, so you may have to copy a password from your vault and then paste it into the password field. With the login form open, click on the LastPass icon at the top-right of your browser, and click on Show Matching Sites. Use Ctrl-C and Ctrl-V to copy and paste.

Using LastPass on a smartphone or tablet works differently. You can open LastPass, choose a site and login using LastPass’s built-in browser or use the Share icon to bring up LastPass when using a web browser. One thing that can be a bit of extra work is that many apps on your mobile devices aren’t developed to be used with password managers. So you’ll have to open LastPass, copy the password, go to your app and then paste the password into the correct field. As time goes on, more and more apps will be re-developed so that they either use advanced password management inside the app, or will integrate with your 3rd party password manager.

Lastly, I’ve noticed that sometimes LastPass may take an extra click to come up, or you may notice other malfunctions that occur sporadically. Web browser designers are constantly tinkering with their products, which can (at least temporarily) interrupt full functionality. And LastPass, like all password managers is constantly under attack by hackers. On that last note, you can rest assured that your vault remains secure, even the folks at LastPass can’t hack into it without your password. And for goodness sake, turn on 2-factor authentication in LastPass to ensure that even if your password were compromised, your vault would remain safe. Personally, I’m more partial to authentication apps you install on your smartphone than simple text-message-based authentication. Apps like the Google Authenticator, LastPass’s own authentication app, or Authy are high-quality apps to secure your vault as well as any other online accounts that support 2-factor authentication. More and more apps and websites are implementing 2-factor authentication, and you should use it anywhere it’s available.

 

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:

Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek
(@PosiTek)

Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to support@positek.net
(Support@PosiTek.net)

Click or tap to open a new browser tab or your Paypal app to send money using your credit card to support@positek.net (no Paypal account required)
(using any credit card)

or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!

Leave a Comment

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

This site uses Akismet to reduce spam. Learn how your comment data is processed.