home Devices

How to make lastpass automatically remember your password. LastPass Password Manager extension - accounts, passwords, login. Increase password iteration

Let's start from the very beginning. Why do we need password managers anyway? Every day we use many online services: mail, instant messengers, social networks, blogs, forums, payment systems, dating, entertainment, etc. Each system requires a separate account and password.

For the sake of simplicity, using the same password is extremely unsafe, since if one of your accounts is hacked, the domino principle will work, and attackers will gain access to other accounts. Remembering many different passwords is basically impossible. There is an option for generating passwords according to some principle known only to you, but this is also not always safe and convenient.

Password managers come to the rescue - programs that securely collect and store your passwords. Your task comes down to remembering one master password from the manager itself (the so-called master password). Very comfortably!

That is why recently all personal “anti-virus combines” (programs of the Internet Security class and higher) have been equipped with similar functionality. But such products are not suitable for everyone and not everyone can afford it, so it’s interesting to take a closer look at the decent free password managers that happen to exist.

LastPass is a completely free, personalized password manager that is designed to create, store, and manage passwords for various Internet sites. LastPass cannot work with programs other than browsers, so for the sake of clarity, we will further call it a browser-based password manager.

So, let's see what kind of beast this is. After installing the program from the website www.lastpass.com, special plugins and toolbars are added to the Mozilla Firefox and Microsoft Internet Explorer browsers. I’ll say right away that the manufacturer’s website indicates support for Google Chrome, but in reality it doesn’t (at least it doesn’t work on Windows 7 x64 and Google Chrome 5.0).

An important feature of LastPass is that the program stores all your passwords “in the cloud”, i.e. on a remote vendor server in a special personalized Vault storage. At its core, LastPass is not even a program, but a service. This has its big advantages, as well as big disadvantages.

The advantage is that you can use the passwords stored by LastPass on any computer with Internet access. There is no need to think about backing up the database, exporting and importing to other computers, synchronizing, etc. actions that negate all the convenience of using a password manager.

The disadvantages, of course, are the lack of control over remote storage and the risk that the server or your main account (master password) will be hacked, and all passwords will go wholesale to the black market.

Important! When registering, set the most strong master password that you are guaranteed to remember.

LastPass has a feature to export saved passwords from browsers, which allows you to export saved passwords from browsers after installation.

Let's now see the program in action using several examples. When you sign up for a website, LastPass automatically detects password fields (based on the tag attribute ) and offers to generate and save a secure password for it in your database. There is an option to select a password option, as well as fine-grained generation settings (number of characters and their type).

If you manually enter a password on a site, LastPass automatically prompts you to save the password in its database. If necessary, you can refuse to save a password, which is important, for example, for online banking (it is better not to trust these passwords to anyone or anything).

As a result, your personal LastPass Vault will look something like this after some time. There, if necessary, you can make notes on passwords, export or import passwords, etc.

When you access a site that requires authorization, the password for which was previously saved, the password manager will prompt you to log in or do it automatically (there is a special option). In addition to convenience, this feature provides more. You don't have to type passwords from the keyboard and the risk of them being intercepted by malware is minimized.

LastPass settings are quite sufficient. You can customize the program's appearance, alert functions, and some important security features (see pictures below).

An interesting feature of LastPass is the built-in audit of the strength of passwords used. When generating passwords, their strength is shown on a special scale (see above), but you can quickly check the strength of all passwords, including old ones.

The results of the password strength analysis are presented as a percentage of the ideal, in my case it was almost 69% - there is something to work on.

Below are some statistics on average password length, repeated passwords, weak passwords, etc. You can see the strength analysis for each password separately in a special table, but for obvious reasons I won’t present it here :)

In conclusion, I can say that LastPass’ functionality was sufficient for me personally. Testing over several months did not reveal any significant shortcomings (except for the lack of support for Google Chrome). Most of my passwords are associated with web services, and a browser-based password manager optimizes working with them and significantly saves time. The functions of automatic login to sites, generation of strong passwords, auto-filling of forms using templates, export/import of a database and analysis of the strength of all passwords in general are very useful.

Once again, I would like to point out that passwords saved in LastPass are stored on a remote server. The pros and cons of this were described by me above. If for some reason you do not trust cloud services, then you should look for some other password manager.

Password managers are discussed on our forum.

You can see the product in action, albeit with comments in English. language.

The digital space is one of the most unsafe areas of modern life. Cybersecurity has become a separate industry, the purpose of which is to protect the personal data of ordinary users on the Internet. However, the safety of personal information depends primarily on the people themselves. Therefore, you should independently take measures to ensure the security of personal information from intruders, saving logins, passwords and other information in a safe place.

Reliability comes first

Password storage software Lastpass is a high-end extension for storing device user authorization data. By trusting the application with account login information, the user chooses reliable protection against viruses that can read information without the knowledge of the device owner. The data entered into the password manager is protected by a master code, which guarantees sole access to the information recorded in the application.

An indicator of the level of security, convenience and trust of owners of electronic devices in this extension is a five-star rating from the Firefox Add-Ons resource. The add-on was also an Editor's Choice for PC Magazine. Popular blogs such as Lifehacker, Makeuseof, Download Squad and popular specialized publications have also not bypassed this program. Wide popularity suggests that users are eager to trust this password manager with personal data. The program is constantly improved by developers who release regular updates.

Universal protection available to everyone

The software is distributed on the following browser applications:

Google Chrome;
Yandex browser;
Mozilla Firefox;
Apple Safari.

In addition to the main versions of the program, there is a bookmarklet for other browsers besides the ones listed above. You can download Lastpass for free in Russian only for personal computers. Android users have access to a paid version of the program. The plugin collects passwords from the browser and stores them in local storage, access to which is limited by the master code.

The add-on's features don't stop there. With this program, users automate data entry by setting up forms to autofill. The extension is capable of synchronizing the codes and logins it contains with any supported browser. If necessary, the code generator is activated.

You are an active Internet user and you know how often to visit a site you need to register and then remember the entered data. If you have already started to get confused about your logins and passwords, then you just need to get the Lastpass program, which will not only remember all the authorization data for you, but will also fill them out yourself.

First, you should download the program to your computer. To do this, follow the link and download the version of Lastpass that matches the installed operating system and browser. Save the exe file to a folder and run it. Select the Russian menu language and click “Advanced options” to change installation parameters. Be sure to check the three boxes in the “Privacy Options” section.

When you launch your browser, you will see a Lastpass icon located to the right of the address bar. Left-click on the “snowflake” icon and a window will open to create an account. Fill out the following fields: email address, create a password using numbers and Latin letters, provide a hint if you suddenly forget your password. Read the terms of use of the program and check the boxes. After clicking “Create Account” the system will create a personal account.

After receiving the notification sent by email, you can log in to the service. Go to the repository to manage options. The first tab “Storage” contains sites that you have visited. For ease of further use, create groups to store certain sites. Sites that remain uncategorized will be located in the “Recently Used” and “Untitled” folders.

To add a site, click the corresponding item in the menu. In the new tab, enter data for further automation of the process. In the “URL” field, enter the site address, the next “Name” field implies the name of the site. Select a folder to save the site, but this is optional. Provide your username and password. To instantly log into your account on the website, check the “Auto login” box.

You have the opportunity to save not only sites with authorization data, but also information on documents. For example, passport, insurance, driver's license or bank account details. When accessing this data, you will need to enter a password for additional insurance against ill-wishers.

The second tab “Form Filling Profiles” allows you to add and change profiles for forms required when registering and placing an order in online stores. At your discretion, enter your details in the blank fields provided.

To organize sites by purpose, create profiles in the third tab. You will only have access to certain sites and notes. To switch between profiles, go to “Tools” → “Profiles” and activate the one you need at the moment.

The “Sharing” section allows you to configure access to your account of the selected site for one of your friends. Access can be permanent or temporary, and authorization data is not disclosed. The next section “Organizations” will be needed for corporate work of large teams. These options are paid. But the latter contains many videos in English.

After registration, there is no need to start creating folders and filling them with sites with your data. Every time you visit a website for the first time, Lastpass will prompt you to remember your username and password. If you manage to forget your password, it will be enough to indicate your email to which a hint will be sent.

All data information is stored on the Lastpass server. Fans of mobile versions are provided with the same program, but for money.

Passwords, passwords, passwords - they surround us everywhere. Any modern person today uses dozens of the most, for each of which he must have his own separate, rather complex password. A real salvation in such a situation are special programs - password managers, which allow you to conveniently manage all your keys. The most popular of them is LastPass.

On the one hand, storing all passwords in one place is quite convenient, but at the same time it exposes our security to additional threats when, if your LastPass account is hacked, an attacker can gain access to all your accounts. Let's see how we can reduce these threats to zero.

This article will give you some simple tips on how to change your LastPass settings to make it more reliable and secure. To access these settings, you must log into your account on the site and click on the button in the left column Settings.

1. Automatic exit

Any, even the most stringent security settings will be completely powerless if your LastPass is always active and anyone who has access to your machine can use it freely. Therefore, first of all, in the settings on the tab Are common set the time interval after which you will be logged out of your account.

If you use the LastPass browser extension, open its settings and be sure to enable auto-logout after closing the browser and after a certain period of inactivity.

2. Limit the list of countries

In the LastPass settings window, on the General tab, find the Only allow login from selected countries option, check it and select from which countries you can log in to your account. For example, if you live in Ukraine and do not intend to travel in the near future, then this location should be noted.

3. Disable Tor Login

Tor is a special anonymizer network that is often used by attackers to hide traces of their crimes. Therefore, if you do not use this network, it is better to disable this feature altogether. To do this, check the corresponding checkbox on the tab Are common.

4. Increase password iteration

All your data is stored in LastPass in encrypted form, and the larger the iteration value, the more difficult it is to decrypt. The site recommends setting this value to 500, which will significantly increase security.

5. Multi-Part Authentication Grid

Two-factor authentication is the best way to keep your LastPass vault secure. To activate it, open the tab Safety and check the appropriate option. After that click the link Print Grid Table and a special table consisting of numbers will be generated for you. Print it out and save it. Now, when logging in from a new device or unfamiliar location, you will be asked to enter a combination of numbers consisting of the columns and columns of the table specified to you.

6. Notifications about password changes

LastPass can notify you via email not only when your master password changes, but also when stored logins and passwords for different sites change.

7. Using a secret email address

To provide additional security, you can specify a special additional mailing address instead of regular email. All messages related to the security of your account will be sent to this address, for example, a password hint, instructions for password recovery, and so on.

This address should be an extra-secure one that only you know. Even if someone gets access to your regular email, they won't be able to access LastPass. You can set this additional secret address on the tab Safety.

Using the simple tips above can greatly increase the reliability and security of your personal data stored in LastPass. Remember that it is better to spend ten minutes digging through the settings than to mourn the stolen information later.

You've probably heard the expression: “If it works, don't touch it.” Of course, if a password manager does all the basic responsibilities, you don't need to change it. However, sooner or later the interface will become outdated, and competitors will catch up with new features. The free LastPass 4.0 has a new online portal interface, new features include an exchange center for managing shared passwords and emergency access for transferring passwords to trusted persons and heirs. These new features help LastPass stay ahead of the competition.

You can use a large number of commercial password managers absolutely free, as long as you accept significant restrictions. Some products, for example, limit free use to 10-15 passwords, and you will have to pay for the rest. Dashlane 3 allows you to use the manager for free on one device without the synchronization function. With such serious limitations, it is wrong to consider these solutions as free.

The free version of LastPass allows you to use all the important features for free on as many devices as you like. You can use LastPass 4.0 on computers (Windows, Mac, or Linux), multiple smartphones (Android, iOS, Windows Phone, or BlackBerry), or multiple tablets (Android, iOS, or Windows). Only if you want to cross the lines and sync between computers and mobile devices will you need to upgrade to LastPass Premium for $12 per year.

Getting started with LastPass

Setting up a LastPass account is very simple. Download and install the free app. The program will then ask you to either log into an existing account or create a new account. As always, you should create a strong password that you can remember but no one else can guess.

You can add a password hint, but this is not a good idea. During the June 2015 attack, attackers were able to steal some data from LastPass servers. Fortunately, LastPass's robust security measures prevented hackers from hacking your actual passwords, master passwords, and other critical information. As a preventative security measure, the company recommended that users change their master passwords. The only thing the attackers could get during the attack was hints for master passwords. If you still decide to use a password hint, encrypt it using a method that only you understand. Be sure to enable multi-factor authentication, we'll show you how below.

Please note that LastPass employees do not have access to your data because they cannot know your master password. In the past, if a user forgot their master password and the hint did not help refresh their memory, the only option was to create another account and start over. Now, when you install LastPass on a new device, you will have the option to save a one-time password for account recovery. The recovery process will require access to your email account and device, which does not pose a major risk.

During installation, LastPass prompts you to import passwords stored in browsers. The product removes passwords from insecure stores and disables the browser's password capture feature. Additionally, you can import data from several competing password managers.

After installing the LastPass extension in your browser, you know what to do. Simply log in to sites as usual, and LastPass will automatically save your credentials. You can assign a friendly name to the site at the time of capture and add it to a new or existing folder. LastPass independently suggests appropriate folders for popular sites.

Sometimes you'll come across sites that use a non-standard login page that LastPass can't automatically capture credentials for. Just like RoboForm and Sticky Password Premium, LastPass can handle these cases. Simply enter your credentials and then use the “Save all entered data” option from the browser toolbar icon. Everything is very simple!

When you click the LastPass icon in your browser's toolbar, a menu appears, which in turn includes a menu for all saved sites. Each folder becomes a submenu, and you can have subfolders. The saved logins menu is a common feature of many password managers, but only LastPass, Sticky Password and a few others support nesting.

Password generator

When you sign up for a new account or change the password for an existing account, LastPass prompts you to generate a secure password. By default, the generator creates 12-character passwords with a combination of numbers, uppercase and lowercase letters. You can increase the length and include special characters to create stronger passwords. On the other hand, if you need to remember the password, you can make it pronounceable, for example, estrigntac or rewisnobug.

When you create a new account, LastPass captures your data and also prompts you to update your saved password when changes are made. This feature works regardless of whether you are using a password generator.

I would like to see some improvements in the tool's performance when moving to version 4. Intel Security's True Key generates 16-character passwords by default using all possible character types. Most users will probably not change the default settings, and will end up with less secure passwords from LastPass.

Improved password storage

The standard process for capturing and reproducing passwords is largely unchanged from the previous version, but you'll notice major changes when you open your LastPass password vault. Too much change at once? Over the next few months, you'll be able to switch between the new interface and the LastPass 3.0 experience. The new interface is a very welcome improvement though.

From the vault you can view, edit and sort all saved passwords. The user can now view their grid view with large tiles, just like in Dashlane. LastPass shows larger tiles, and the new ability to hide the left navigation menu frees up more space for tiles.

The new multi-purpose “Add” button allows you to add a new folder or site, or share passwords with other users. In addition, you can now select multiple items at a time and perform batch actions, such as moving to a folder, sharing, or deleting.

Emergency access

The concept of passing on passwords to heirs was first implemented in the form of the digital legacy feature in PasswordBox. PasswordBox has since evolved into True Key, but the concept still lives on. For example, Dashlane allows you to configure any number of contacts who can receive all or partial passwords. LogMeOnce Password Management Suite Premium allows you to define one heir for the entire collection and five contacts for individual credentials.

Emergency access in LastPass works much the same way as the similar feature in Dashlane. You enter the recipients' email and define the waiting period. Recipients must install LastPass if they haven't already and accept your connection request. Now, if anything happens to you, recipients will simply request access to the account. Dashlane allows you to share sets of stored credentials - for example, a work colleague can get all the passwords associated with work. LastPass does not have this feature.

Now let us explain why the waiting period is needed. Let’s say trusted recipients decided to get ahead of events even before you “kicked your hooves back.” You will receive an email when you initially request access, and you can revoke access at any time during the waiting period. In a real situation, the recipient will automatically gain access after this period.

When selecting the emergency access feature, the user is shown two pages - “users I trust” and “users who trust me”. On the first page you can remove contacts from the list, as well as change the waiting period. On the second page you can refuse the role of trusted recipient.

Password exchange

It is generally recommended to avoid sharing passwords indiscriminately for security purposes, but there are situations where this is required. For example, you and your spouse can use the same bank account. If you need to share a password, you must do so securely.

In terms of password sharing, LastPass is the most flexible solution. Simply select an item in the vault to display action buttons and select the “Share” button and simply enter the recipient's email. The recipient who already uses LastPass will see a notification about the new exchange, and other users will receive an email with instructions on how to create an account and accept the exchange request. The recipient can use the received credentials for authorization, and you can choose whether to make the password visible or not.

Exchange center

The new sharing center within the online password vault makes it easy to manage shared objects. As with emergency access, you can refuse access to data shared with you or remove recipients of your shared passwords.

Sharing Center contains a tab for managing public folders. However, if you try to use this feature, you will immediately find out that it is only available in the Premium version.

Filling out web forms

When a product can automatically fill in credentials, it's just one small step away from filling out personal information on web forms. However, only a small number of password managers support this feature, including LastPass, LogMeOnce, and Norton Identity Safe.

A user can set up any number of identity profiles in LastPass, each of which contains personal, contact, credit card, and bank account information. Users with knowledge of web technologies can specify additional fields. This way, if Lastpass recognizes a field with a certain name or attribute, it will automatically fill it with the appropriate value.

RoboForm allows you to create multiple instances of any web form field, and Dashlane stores different pieces of personal data (phone numbers, email addresses, etc.) separately. LastPass has the ability to create profiles that contain only your credit card number and no additional information. When you are about to fill out a web form, you can choose to use a profile with personal data or with personal data and credit card data separately.

In the vault, LastPass represents each profile using credit card number analysis. The program correctly identifies MasterCard, VISA and American Express numbers. Dashlane takes this concept even further. The product allows you to choose the color of the card, the bank logo and displays exact copies of the cards when filling out the form.

In order to fill out forms using LastPass, you need to find a small icon in one of the fields. Click on the icon and select the appropriate profile. Everything is ready, the form is filled out! In testing, the feature performed better than many competitors.

Multi-factor protection

It doesn't matter how complex the master password is if an attacker can find it. A thief can log into your accounts from anywhere in the world. LastPass doesn't require email verification the first time you log in to a new device, which could help. However, you can greatly improve your security by taking advantage of the available multi-factor authentication options.

To set up multi-factor authentication, you need to open the LastPass profile settings window, which looks the same as in LastPass 3.0. In the free version, LastPass supports Google Authenticator, Duo Mobile, and Authy. Linking your account is done by scanning a QR code on your mobile device. After this, every time you log in, you will be required to enter a one-time code generated by the application, as well as a master password.

The free version also supports authentication methods using the Toopher and Transakt apps. They work easier than Google Authenticator. Instead of copying the one-time code, you must simply accept or cancel the connection on your smartphone. Owners of regular mobile phones can print an authentication grid in the format of a regular wallet. To authenticate, LastPass will ask you to enter characters at specific grid coordinates.

Two-factor authentication can get tedious after a while, so LastPass allows you to designate individual devices as trusted devices. When you log in from a trusted device, all you need to enter is the master password. Likewise, if you enable mobile device restriction, no login attempts from mobile devices will be accepted if they are trusted.

Security competition

Storing all your passwords in LastPass is a great security measure, but it's not enough. You also need to know which passwords are weak or duplicate and should be changed. This is the purpose of a security check.

Click the security check icon, re-enter your master password, and get ready to see which passwords are most vulnerable. Please note that to get all the functionality of the component, in particular for the automated password change function to work, you need to run a scan in Chrome.

As part of its analysis, LastPass recognizes email addresses found among your records and suggests checking them against hacked site databases. If the program detects hacked passwords, you can instantly change them right in LastPass.

At the top of the final report, you will be able to see the overall percentage score, your position in the LastPass user community, and a separate score for the strength of your master password. The final result depends on the complexity and uniqueness of the passwords, but also includes other factors. For example, you lose 10 percent if you don't activate multi-factor authentication.

If you're interested, you can follow LastPass's recommendations for troubleshooting 4 types of problems: cracked passwords, weak passwords, duplicate passwords, and old passwords. The password age is measured from the moment the program first captured the password.

You can scroll down to see a list of all passwords with individual strength ratings, when they were last modified, and a button to update your password. For some popular sites, LastPass displays an automatic change button, just click it to have LastPass update your password automatically. LastPass currently supports automatic password changes for 80 sites, while Dashlane's similar feature works for 500 sites. You can check multiple objects and update them all at once. If your site doesn't support automatic updates, click the button to change it manually.

Still a winner

Automatic password updates were added back in LastPass 3.0, but Emergency Access is a completely new feature. The updated online storage interface is a very positive improvement, which can also be said about the new exchange center. And the broad capabilities of this free password manager are amazing.

LastPass 4.0 retains PCMag's Editors' Choice title in the category and shares it with LogMeOnce Password Management Suite Premium, which, despite its free status, is also well stocked with useful features.

LastPass 4.0 Review:

Advantages

free for use on multiple devices of the same type;
checking password security with recommendations for action;
automated password change;
multi-factor authentication;
improved password vault user interface;
transferring access to passwords to trusted persons in unforeseen situations;
new exchange center.

Flaws

The basic password generator settings could be more secure.

Overall rating

The free LastPass 4.0 has an updated user interface and new features, such as emergency access and automated password changes, that set the product apart from commercial competitors.