Guide to Getting Started with LastPass

Guide to Getting Started with LastPass

2011-04-29_110338
It’s all too easy to get sloppy with your password security as the number of accounts and accompanying passwords pile up. It’s time to start letting LastPass generate and manage your stable of secure passwords.

What Is LastPass and Why Do I Need It?

LastPass is a password management tool that takes all the effort out of managing your passwords—it’s so effortless, in fact, that it’s the most popular password management toolamong How-To Geek readers. We all have reasons, most of them in common, for not using passwords as strong and varied as we should: it’s a pain to remember them, it doesn’t seem that important to vary passwords wildly, entering complex passwords for each web site we visit is a big hassle, etc. LastPass removes those barriers by making password generation, management, and deployment dead simple and seamless.
LastPass combines a local password manager with cloud-based storage. Your password database is decrypted locally on your device and is stored in the cloud, encrypted with 256-bit AES. Your passwords are only accessible via local decryption or by logging into LastPass’s secure web site using your master password to decrypt your password database over the SSL pipe.
In addition LastPass also includes password generation tools, automatic form filling, as well as automatic login/password completion. Once you’ve got LastPass up and running you’ll never have to worry about weak passwords again. LastPass is available for Windows, OS X, and Linux as well as iOS, Android, BlackBerry, Windows Mobile, Symbian, and webOS. LastPass also supplies add-ons for Internet Explorer, Firefox, Safari, Chrome, and Opera. You’ll be hard pressed to find yourself, on any platform or with any browser, separated from your passwords.

Signing Up For and Installing LastPass

The first thing you need to do is get yourself a free LastPass account. Head over the LastPass.com and download the appropriate software for your machine. We’re going to download the package for Windows, but the steps for each OS are pretty much the same. Run the application; you should be greeted with a run wizard that looks like the screenshot above. Check the web browsers you want to install LastPass on. The advanced options gives you more control over the specific aspects of those browser installs; skipping the advanced section is fine for most users.
Select that you do no have an account and wish to create one.
Type in your primary email address and select a strong password. You’ll only be using this password to access your web password vault and to login once every browser session to the local database. Now is a great time to start using a passphrase instead of a simple password—i.e. HowToGeekR0cksMyB0xIn2011.
They can’t stress it enough and we can’t stress it enough on their behalf: if you lose your LastPass password you’re totally out of luck. Again, use a strong and memorable passphrase. If you have to, write it down and tape it to the bottom of your desk drawer or otherwise hide it away.
At this point you’ll be prompted to import all the passwords from your web browsers into LastPass. There’s really no good reason not to do this. Even if you’ve used “password” for all your passwords, it will at least build a list of sites you’ve been using insecure passwords on so that you can later go back and update them. In the next step it will list all your saved sites, their username/passwords, and a toggle for you to select and deselect them for import into LastPass.
We’re almost done! The last setup step is to specify whether or not LastPass should log you out when the browser closes and whether or not your LastPass Vault should be your homepage. We recommend setting it to log you out and not using your vault as your homepage. We double recommend against those things if you’re using LastPass on a portable computer or mobile device.
After you finish the LastPass installation, launch one of the web browsers you specified in the first step of the setup. In the toolbar of the browser will be a dark LastPass icon (which looks like an asterisk). Login using your email and LastPass password. We let LastPass remember our login but leave the password blank. Once you login the LastPass logo should switch from dark gray to red and white.
Clicking on the logo yields a drop-down menu filled with LastPass goodies. The first thing we want to do is hit up the Preferences menu. Click on it now.
 
LastPass is notoriously chatty. We happen to like the notifications but many people aren’t so fond of them. We’d recommend leaving the default notifications in place as they serve as excellent reminders to use LastPass and to generate secure passwords. As you get more comfortable using LastPass and need fewer reminders, go ahead and return to this menu and toggle some of them off.
From this point forward LastPass will automatically detect when you’re visiting a website that you’ve already created a login for and will prompt you to generate a secure password for new web sites you’re joining. In the next section we’ll take a look at that process.

Using LastPass to Generate and Store Secure Passwords

When you create a new account for a web service, LastPass will prompt you to generate a secure account. In the screenshot above we started the signup process for a Yahoo! Mail account. When you click the generate button LastPass will open a new tab with the password generator.
 
There you can set your password length, accepted characters, and other parameters. You can accept the password or generate a new one with new variables until you’re satisfied. When you hit accept LastPass will automatically fill it in for the site (and remember it on your behalf).
When you’re done filling in your new account information LastPass will again detect that there is activity with the new account. It will ask you to either confirm that you’ve changed the password or to save a new site as a new entry in your password database. Since we just created a new account, we’ll click Save New Site (if you’re changing the password on an existing site that is already in your LastPass database, you’d click Confirm instead).
Now, although LastPass is pretty awesome at detecting things, initial registrations usually have unique URLs and can often throw LastPass off. When you click Save New Site, make sure to check the URL and Name spots. The default for our Yahoo! Mail account looks like this:
We took a moment to clean it up to reflect the URL we’ll be routinely using to login to Yahoo! Mail:
This is also a great time to start using the Group function. You might, for example, group your financial, gaming, communication, and work web sites into separate groups. From this menu you can also toggle things like autofill/autologin and require master password entry before accessing that particular entry.
Now is a great time to start going through your existing logins to upgrade the passwords using LastPass.

Going Further with LastPass

If you never use LastPass for anything other than generating and storing secure passwords you’ll be miles ahead of 90%+ of the average computer user. LastPass has a slew of additional features, however. Once you have LastPass installed on your primary browser here are some of the extra things you’ll want to check out:
The LastPass Security Challenge: This is a fun tool for your LastPass Vault that analyzes your logins/passwords and generates a score passed off of the uniqueness of your passwords and other factors. Increasing the strength and variety of your passwords will increase your score in this security game.
LastPass Screencasts: If you’re unclear on how the major components of your LastPass vault work, there’s likely a LastPass created screencast to show you how to use it.
One Time Use Passwords: Your master password is important and needs to be protected. What about when you want to access your LastPass account away from home? Don’t risk your master password on a computer with unknown security. Generate a single use password for your LastPass account. You can use that throw away password once in the future and then it will never work again—extremely handy for logging in from an internet café or at a friend’s house.
LastPass Mobile: Although it requires upgrading to the $14 a year premium plan, LastPass has mobile browsers/password managers for every major mobile platform. Take your passwords with you wherever you go.
Import: Have a bunch of passwords already stored in another program like KeePass? No problem. Import them all using the LastPass Import function.
Multi-Factor Authentication: Although it may be overkill for some, you can easily turn on multi-factor authentication that links your LastPass account with a USB key, Yubikey, Fingerprint reader, or Smart Card reader.
Have a LastPass tip, trick, or add-on that has helped you stay on top of your passwords? Let’s hear about it in the comments.

Comments

Post a Comment

Popular posts from this blog

SreePadmanabhaswamy Temple

Image
SreePadmanabhaswamy Temple Sree Padmanabhaswamy Temple is one of the most famous Lord Vishnu Temples in Kerala, South India. Also known as Sree Ananda Padmanabhaswamy Temple, this Mahavishnu Temple is located inside East Fort, in Thiruvananthapuram - the capital city of Kerala, India. Lord Vishnu is enshrined here in the Anananthasayanam posture (in eternal sleep of yognidra), lying on Sri Anantha, the hooded snake. According to traditions, Sree Padmanabhaswamy Kshetram is believed to have been worshipped by Chandra (Moon God) and Lord Indra (the head of the Devas). Significance of Sree Padmanabhaswamy Temple Sree Anantha Padmanabhaswamy Temple is one of the 108 Divya Desams of Lord Vishnu. Divya Desams are the holiest abodes of the Lord Mahavishnu that are mentioned in the works of the Tamil Azhvars (saints). Sri Padmanabhaswamy Temple is also one of the seven Parasurama kshetras in Kerala. The city of Thiruvananthapuram is named after the Lord. The word Thiruvanantha
Read more
iPad 3′s Retina display will bring news reading closer to print experience The new iPad could finally elevate the text reading experience on a tablet to something much more akin to reading a printed newspaper, magazine or book,  says Poynter’s Patrick Thornton. “The blurry, pixelated text from the relatively low-resolution iPad 1 and 2 always stood out. iPad news apps may have great looking photos, videos and interactive graphics, but text — often the core of what a news organization produces — doesn’t look that good, especially in comparison to what humans have been able to enjoy for hundreds of years… The new iPad will allow news apps to look much closer to the printed text found in a glossy news magazine, but apps will need to be rewritten to look proper on this new display, and all art assets will have to be redone as well.”
Read more
Vatican officials says tweets are ‘like the gospel’ Pope Benedict XVI will soon be opening his own Twitter account, a Vatican official announced, saying that tweets were in some ways similar to “the gospel.” “The tweet can be reformulated, redistributed, relaunched and disseminated,” said Father Claudio Maria Celli, the head of the Vatican’s pontifical council for social communications, as he announced the initiative. “In this sense it is like the gospel, a small mustard seed that once scattered grows into bushes where birds can rest.” It does not have quite the same ring as a papal bull, but Catholics looking to stay in touch with the Holy Father are about to get acquainted with the papal tweet. Fourteen centuries after popes started using papal bull missives to communicate with the flock, Benedict XVI is due to open a Twitter account, a  Vatican  official has announced. "The tweet can be reformulated, redistributed, relaunched and disseminated," said Fat
Read more