LastPass Password Manager
Lastpass is easily one of the most popular password managers on the market today, this is mainly thanks to the strong security combined together with various features which make it safe and effective for anyone to use.
As our lives move increasingly more towards the internet and onto smart devices it is now more important than ever to keep everything as secure as possible, in many cases this means using strong, secure and unique passwords to best protect ourselves.
Naturally, as time goes on having tens or even hundreds of unique passwords soon becomes impossible to manage for most people, this is where a password manager becomes essential and means only a single, strong password needs to be remembered by the user.
LastPass can be configured with a single, secure password and 2FA (such as Google Authenticator) to ensure all passwords remain safe, secure and yet still easily accessible by the genuine user whenever needed.
- Well designed and easy to use software
- Plugins available for all major browsers
- iOS and Android apps available
- Cloud synchronisation between all devices
- Supports 2FA (multi-factor authentication)
- Impressive set of features in the free version
- Automatic password generator
- Automatic website logins
- Easy sharing of logins from within the app
- 1GB of secure file storage (Premium only)
- Windows app auto-fill (Premium only via desktop app)
There are several ways to acccess LastPass, these include browser extensions for all major browsers, a Windows application, apps for iOS and Android and finally a web-based console accessible from virtually any web connected device.
The initial sign-up process involves creating an account and can be done via any of these access tools, it is at this point you will also need to specify your master password which will be used to encrypt all information relating to your account.
Once the account sign-up is complete and the master password set, LastPass will become usable and will start remembering your passwords as and when required.
Types of Data Stored by LastPass
LastPass, as you would probably expect, stores logins and passwords for websites and apps. In addition to these website logins, LastPass also stores other useful data including, payment cards, bank accounts, secure notes, identifications (e.g. driving licence details) plus server and SSH keys for those who need to save them.
If you are using the free version of LastPass then regardless of this categorisation system all details will need to be stored in plain text, this means when saving a payment card, for example, you will need to store the important digits as text. Should you need to store actual pictures of the payment card then a LastPass Premium upgrade will add 1GB of secure storage to the account. This 1GB of secure storage could be used for storing any secure documents but I myself have found it very helpful in securely storing pictures of payment cards, driving licences etc.
Adding a New Site to LastPass
Once you have a LastPass account setup one of the most important tasks to complete is adding new (and existing) logins to the password manager, this should, of course, be as easy and straightforward as possible.
Providing you have the LastPass browser extension installed whenever logging into a website not already added to LastPass you will be prompted to add the website.
This is handled automatically for the vast majority of websites thanks to the plugin being cleaver enough to work out when you are performing a login and then offering to save the login details into your vault for you.
In the rare instances that the login is not automatically detected by LastPass the site details can be entered manually using the “Add Item” tool.
As can be seen above the full form for adding a site allows the URL, the username and the password plus a few more details to be entered by the user. We can also rely on LastPass to generate a secure password here if we need it to (more on this in the next section).
Once the new entry is saved it will be encrypted on your device, saved to your secure vault and then synchronised between all of your connected devices automatically, great!
Can LastPass Generate Passwords?
Yes, one of the great things about LastPass is it can automatically generate long, unique and very secure passwords automatically.
This feature is especially important as it will ensue the new password is, amongst other things, unique to the website or app it is being used for. Having unique passwords for every service you use is very important, this is because in the event that a password is ever compromise and exposed to the world along with your login details (e.g. email address) then only a single site will be affected. In such cases it is fairly easy to then change the password for that single site knowing all other sites are still 100% safe thanks to them having different passwords (even if the login email is the same).
Imagine if your username and password (as per above) had been leaked and it turned out the username (email) and password were used regularly use across many different websites! In this case it would take much longer to change them all (you might even miss some) and it is much more likely that one or many accounts would be compromised, not a good situation!
Signing into Websites and Apps with LastPass
One of the best features of LastPass, thanks mainly to the browser extensions is the automatic website login. This feature allows LastPass to automatically detect the website that has been landed on and then automatically perform the login, excellent!
If you don’t want to use the automatic login (or the website in question is incompatible wit it) then LastPass will also allow you to auto-fill the login boxes by clicking on the LastPass logo which appears at the side of the form.
Whilst using the smartphone app logins work a little differently than they do with the web browser plugin, for example, everything will need to be handled via the LastPass app due to the lack of a mobile browser extension.
Once the app is installed and configured, auto-fill will only become enabled if the smartphone is configured to allow it. For example, in Android this means configuring the system “autofill” settings to allow the LastPass app to fill in login details (as can be seen above). Once this is configured the LastPass app can then be used to autofill the logins for websites and apps!
How Secure and Reliable is LastPass?
LastPass employs very secure AES-256 bit encryption to all data secured on the device automatically, this means unsecured data never leaves you electronic device at any time! Local-only encryption is also important in that it means you master password and encryption keys are never sent to LastPass in the process of decrypting your data, this helps make lastPass as secure as possible!
Another important feature implemented into LastPass is multi-factor authentication, this is the concept of having a secondary device present before the login is successful. For example, if using the Google authenticator app then the one-time code generated by the app must be entered along with the master password for the login to be a success.
Having the master password without the phone or visa versa would not permit a successful login, this helps to make the service extra secure!
In terms of reliability it is important to note that there are (loosely) two parts to Lastpass, the apps themselves and the syncing service operated by LastPass which works in the background.
In term of the apps themselves I have been a user since 2014 myself and have found them to be very reliable and always available when I need them. The auto syncing service is also very reliable and over the 6 or so years I have been a user I have experienced very little downtime. Even in the rare instances of downtime stored passwords can still be accessed in offline mode thanks to the data been stored locally on the device!
Can LastPass Import from Other Password Managers?
Yes, in fact, this is an area which lastPass have put a lot of thought into and have produced a very handy tool which makes importing from many other popular password managers quick and easy.
LastPass Free vs Premium
LastPass is available in three versions, these are a free version, a Premium version and a family account (the family account being the premium version for up to 6 users).
The free account is actually really good and allows users all of the basic functionality expected from a password manager, this includes use of the apps, the browser extensions and automatic synchronisation of devices in the background.
One of the big advantages of upgrading t the Premium account is the 1GB of secure file storage which is included, this means in addition to storing pain text you can also store files (e.g. photos of a passports, payment cards etc.).
Other advantages of the Premium upgrade include more multi-factor authentication options (including Yubikey), this in in contrast to the free version which is limited to just a couple of options including Google Authenticator, Authy and the LastPass Authenticator.
Another potentially useful addition only available with premium accounts is the Windows desktop app, this appliation allows for auto login into Windows desktop apps which require a login. Personally, despite being a premium member for several years I have found I actually needed this very little so (in my view at least) this is not a massive advantage of the premium account (having the 1GB of secure file storage is of much more use).
LastPass uses AES-256 bit encryption to encrypt all passwords locally on the device before any synchronization takes place. In addition to strong encryption LastPass also supports multi-factor authentication for all devices and account types (including the free account).
Another great security feature is the automatic password generator, this utility automatically generates a long (and unique) password with a single click meaning no two accounts risk ever using the same password.
LastPass provide all users with a web-based support centre and knowledge base which contains plenty of guides and FAQs. There is also an online ticketing system for contacting the LastPass support team which is available to all account holders (although LastPass do say they prioritise Premium account over free accounts).
LastPass operate both Free and Premium accounts, the Premium account costing $36/year. There is also a family account providing Premium features to 6 users for $48/year.
LastPass is a secure and reliable tool containing many useful features, the free account is especially impressive given that LastPass have omitted very little in favour of their premium offering. One of the few additions which is of use in the premium version however is the 1GB of secure file storage.
The browser extensions combined with the Android and iOS apps mean adding new sites and accessing existing login credentials is really easy and in many cases can be 100% automatic. The secure password generator also adds to the ease of use and ensures all accounts set-up with the help of LastPass are as secure as possible.
Security is clearly a top priority in LastPass with all passwords being encrypted locally using AES-256 bit encryption before ever leaving any device, this is backed up with multi-factor authentication allowing users to take advantage of extra layers of security with apps including Google Authenticator amongst others.
All in all a great password manager, Well done LastPass!