Need for a Password Manager
Every year, millions of online accounts get hacked due to poor passwords. Hackers need less than a 30 ms to crack passwords such as ‘12345’ or the classical one ‘password’. Are you using any of these passwords or something like these in your online accounts? Wake up, it’s the time to change them immediately.
You need to use a password of at least 8 characters long that has both alphanumeric and special characters. Biggest challenge one can face in using a strong password is to remember them. Writing them on a sticky note means you may lose them. So, to overcome these problems, we need to use a secure password manager such as LastPass.
LastPass is a freemium password manager by LogMeIn. In 2015, LogMeIn acquired LastPass from Marvasol, Inc. It is one of the well-known password managers available in the market which not only manage your passwords but can help you generate secure passwords. Like any other password manager, in LastPass, you need to remember only a Master Password to access your various login passwords.
LastPass comes with two variants: Personal and Business. We will review the LastPass Personal today.
LastPass Review 2018 – Features
We will see every feature of LastPass Personal and in the end, we can rate the product.
When you’re going to store your login credentials with a third-party service, you need to make sure they’re stored in a secure environment. LastPass uses very stringent security features to protect your account and your credentials. It uses Advanced Encryption Standard, AES-256 bit encryption with PBKDF2 SHA-256 (PBKDF2 is part of RSA Laboratories’ Public-Key Cryptography Standards (PKCS) series) and salted hashes to ensure complete security of your data in their servers.
Also, with the help of end-to-end encryption, your data are encrypted and decrypted in your device only. It prevents any naked data to be stored on their servers. Your data is yours and nobody including LastPass cannot access your passwords.
Keep in mind if you lose your Master Password to log in to your account, you’ll lose the access to it. You cannot retrieve your password at any cost. Rest is assured. You’re in safe hands!
The first thing you will see after login to LastPass is the Vault. It is the place where all your login credentials of various websites are stored. It is also the place for storing your Secure Notes and Form Fills. Yes, LastPass helps you to manage your notes and form fills as well. You can create various folders inside the Vault to categorize your credentials.
Your login credentials are stored in a thumbnail view with the respective website’s logo in the Vault for easy identification.
Notes can be stored under different types. You can save Address, Bank account, Credit Card, Custom, Database, Driver’s License, Email accounts, Generic, and Health insurance. Instant messenger, Insurance, Membership, Passport, SSH Key, Server, Social security, Software license and WiFi password are some of the other types of notes you can save.
Each of the above said note types will give you a ready to go template to enter all the required information. For instance, when you want to create a note for a software license, you will be presented with the template as shown below. As you can see from the image, everything you need to remember for a Software License can be entered in a more organized way.
Form fills can help you to store form data like your address, emails, phone numbers, etc. With the help of Form Fills, it is a breeze to fill the form for a website in seconds.
You can also create custom templates as you wish. Like login credentials and Secure Notes, you can create multiple Form Fills for each of your needs like personal, official, etc. You can mark any note or form fill or a credential as a Favorite so that it will be pinned in the top of Vault for easy access. When you hover your mouse on the “+” icon in the vault, you can able to create new Site/Folder/Secure Note/Shared Item.
Users can toggle between Version 4.0 (latest) and Version 3.0 interface in the Vault. However, in its latest blog post, LastPass announced that it will retire Version 3.0 interface and from 1st August 2018 users will see only the latest Version 4.0.
One of the cool features with LastPass is its ability to share credentials with others. You can choose one or more recipient email addresses and things you want to share with them. An invitation to accept your sharing will be sent automatically to their mailboxes.
Once they accept the invitation and login to their LastPass account they can see the items shared with them and access the sites. You can anytime cancel the invitation or sharing. You can also mask the password of the shared item so that recipient can visit the website account you shared but they cannot view its password.
The sharing center feature is useful when you and another person are sharing an account that both of you access using the same login credentials. For example, if you’re owning a website, you can share the login information with your web designer without revealing the password. Once the web designer’s work is over, you can revoke access to them. It is as simple as it is!
One of the cool features of LastPass is the Security Challenge. It is basically an analysis of all of your credentials and presenting a clean report about how strong your passwords are. Security challenge feature also allows changing passwords automatically for compatible sites. So you don’t need to visit individual sites to change your passwords. Just select the sites you want the passwords to be changed and click change password. That’s it!
LastPass will analyze your passwords in the following categories.
Compromised Passwords – List of your passwords that might be compromised during recent attacks will be shown here.
Weak Passwords – List of passwords with poor character combinations or length.
Reused Passwords – List of credentials where the same password is used multiple times.
Old Passwords – List of passwords which you didn’t change for a long period of time.
With all the above categories, you can able to change the passwords to new stronger ones with one click. LastPass will show an “Auto-Change” under the action tab for compatible websites. If a website is not compatible with LastPass Auto-Change feature, you can launch that website and change the password manually.
Sometimes you may need to give access to your Vault to your loved ones in case of emergency. As you know, since LastPass is an end-to-end encryption service, if you forgot your Master Password, you will lose all access to your LastPass account and passwords stored in it. To overcome this issue, you can use Emergency Access feature. Using this feature, you can give emergency access to your account with someone you trust.
Without knowing your Master Password, they can access your credentials if they want. For doing this, they have to send a request to you for gaining access to your vault and you need to approve the request. You can set a waiting time for which they need to wait till they can access to your vault. You can revoke access if you want.
LastPass is already a secure service. To add an additional security layer LastPass offers you different Multifactor options. You can use authenticators like Google Authenticator, LastPass Authenticator or Authy, which can generate time-based 6-digit codes on their apps that need to be entered in addition to your Master Password to login to your LastPass account. LastPass Authenticator can also offer to receive a push notification or an SMS to get the code on your phone.
Other Multifactor options you can use with LastPass are Microsoft Authenticator, Loopher, Duo, Transakt, and Grid.
If you are a premium user of LastPass, you can get access to the additional authentication means like Yubico, your device’s Fingerprint sensor, and Sesame.
If you for some reason block LastPass from filling your login credential on specific URLs, you can specify them in your account settings. LastPass will not fill in the details on those websites.
You can even specify what to block on a particular website. For example, you can block LastPass to fill forms or disable auto login. You can also completely block all the LastPass functions using this feature.
So you got your login credentials stored for a particular website in LastPass. What if another version of that website or its equivalent website you wants to log in? Do you need to create separate entries for those websites? Need not. LastPass allows you to specify the equivalent domains in your account settings so that it will fill your credentials in both the websites without the need of a duplicate entry.
For example, amazon.com and amazon.co.uk are equivalent domains. You can log in to both these websites with same credentials. LastPass has added the global equivalent domains like google.com and youtube.com on behalf of you in your account.
LastPass can automatically log you for a given URL and its subdomains. However, if you want to create a separate login information for one of the subdomains, you can do so by using the URL Rules feature.
For example, consider the domain www.example.com. When you want to use different login info for one of its subdomains, say login.example.com, simply enter login.example.com in the URL rules and enter the credentials. This way LastPass can recognize different subdomains.
When you are switching your password managers or simply you want to have a backup of your passwords, you can use the export function of LastPass. Using this function, you can save all your login credentials in the desired format.
Use the Import function to import all your login information to LastPass without the need to enter them manually.
Deleted Items Recovery (Limited)
Deleted a credential by mistake? No worries as LastPass has a deleted items folder which stores all your deleted items. You can easily restore an item. However, note that items in deleted items folder will be deleted automatically after 30 days. So use it wisely.
As security is the top priority in LastPass, it allows you to review your login histories and events on the selected date range. It will provide you with the histories of the websites you logged in with details such as date and time, website address, IP address, DNS and medium of access like chrome etc.
On the other hand, you can also check different critical events such as exporting the vault in the same way. With this feature, you will be able to have full control of your activities.
Using LastPass you can set free credit monitoring alerts for all users. However, this feature is available only for the users in the United States. If the credit report changes, LastPass will notify you via pop-ups and email alerts. These alerts allow users to monitor their credit report efficiently.
One Time Passwords (OTP)
As we said earlier, if you forgot your Master Password, there is no way to retrieve it by any means. But if you use the OTP feature, you can log in to your account without using the master password and export all your credentials. This way you avoid the situation of losing all your credentials. OTP can be handy if you’re login to your vault in a public system. These OTPs can be used once and afterward, it will expire. To generate sufficient OTPs and keep them in a safe place. You can also delete the generated OTPs if you wish.
Like having different users on a computer, you can have different identities for your vaults. Each identity will have its own credentials stored in it. For example, you can create different identities for your personal and work credentials and switch between them.
One of the cool features of LastPass is to generate secure passwords and usernames. For using this feature, you need not have an account with LastPass. Just head over to their website and you can easily generate your passwords and usernames without the need of logging in.
As always, you can able to set the length and characteristics of the generated password or username.
Password managers will not be considered complete without the cross-platform availability feature. You can be able to access your vault regardless of the device you use. LastPass have you covered. LastPass has a universal installer for Windows, Mac, and Linux which will add the extension to all the browsers installed on the system. You can also install only the browser extension of your favorite browser if you want.
LastPass has its mobile apps for iOS, Android, and Windows. So you are fully covered. And you can also able to access your vault from the web app which is really cool.
So by this time, you are almost learned about various features of LastPass. Now it’s the time to see the pricing which most of us are interested in. You can use LastPass for free. Yes. You read it right. You can use use the free version of LastPass with all necessary features. Even they will not restrict the per device usage and you can sync your vault on as many devices as you want. Most other password managers restrict this feature.
However, if you want you can get LastPass Premium for $24/year which will unlock features such as 1GB of encrypted storage, password sharing, additional multifactor authentication methods, fingerprint login from your PC, etc.
Even though the free version is sufficient for most of the users, you can support LastPass by purchasing the Premium version so that they can continue to provide this awesome service for free.
Without any second thought, LastPass can easily be the number one password manager you can trust. Stronger security, cross-platform availability, awesome features, and attractive pricing make LastPass complete in all respects. We have nothing much to say on the negative side of using LastPass. It works flawlessly on any platform. We at tecdig are amazed by the product and we strongly recommend you to use LastPass for all your login needs.Visit LastPass and secure your online accounts!
How much do you like LastPass? Please rate it below.