TABLE OF CONTENTS

Introduction

Generating, remembering, and maintaining unique passwords is challenging and nearly impossible. As the number of mandatory passwords, password length, and password complexity increases, it becomes harder to remember them without relying on risky alternatives such as writing passwords down or reusing passwords for more than one application.

The use of a password manager can greatly improve upon this problem and IT User Support strongly recommends the use of a password manager, such as LastPass.

LastPass, or other password managers such as 1Password, helps ensure that your passwords are maintained in a safe, encrypted vault and makes it easier for users to protect their online identities by using hard-to-crack passwords.

LastPass resides in your browser and helps you store, manage, and automatically provide account name/password information to web applications.  As you enter login/password information into browser-enabled applications, LastPass automatically helps you store these passwords in your safe, encrypted vault.  When you are prompted to provide an account name/password, LastPass will automatically help you identify the right information to autofill into the application and will complete the login information as you dictate. The only password you need to remember is your master password, which you only enter at the start of a browser session to unlock your encrypted password vault.

In addition, LastPass provides many other useful features including:

• All your login information is available on any device you use
• Integration with iPhone or Android phone browsers
• Ability to identify if you are using a weak or repeated password and easily fix this problem
• Ability to securely store other critical pieces of information such as notes
• Support for automatically resetting passwords with many applications
• Ability to link and unlink personal LastPass accounts
• Ability to generate very strong random passwords, and have these unlocked via your master password – so you can set up an account password, use an autogenerated strong password and not remember or directly use, the actual password LastPass has created.  This makes losing, forgetting, or inadvertently disclosing a password for an application almost impossible.

Upon termination, LastPass accounts will be automatically disabled and held for 6 months after which user accounts will be deleted.

Getting Started

See Setup LastPass

LastPass Best Practices

1. Immediately set up LastPass SMS Account Recovery in your account once it is activated and always keep this up to date. If you lose your master password you can recover to a one-time password using the sms recovery process.
2. Always log into LastPass via the browser plug-in/extension.
3. Always log into at least two different browsers a day to ensure that your encrypted safe is cached in each browser. This ensures if you wipe away the cache of one browser you have a backup in the other. This will become important if you have to revert back to an old password to recover a lost master password.

LastPass Tips

• How to change from 1Password to LastPass?

• How do I change my master password?

• I forgot my Master Password, how do I recover access to my account?

• How do I set up Multifactor Authentication for my LastPass account?

• How do I use LastPass from a mobile device?

• How do I set up LastPass Authenticator?

• How to set up LastPass SMS Account Recovery?

• How to share passwords?

• Can I link my personal LastPass account to my Lab LastPass account?

• LastPass is not auto-filling in login information, why?

• How to set up options for a Re-prompt for the Master Password?

• How to set up LastPass Trusted Devices?

• LastPass Online Help Documentation - https://helpdesk.lastpass.com/

• For any issues contact [email protected]