LastPass puts you in control of your online life – making it easy to keep your critical information safe and secure so you can access it whenever you want, wherever you are. Save all your passwords, addresses, credit cards and more in your secure vault and LastPass will automatically fill in your information when you need it. LastPass, an award-winning password manager, saves your passwords and gives you secure access from every computer and mobile device. LastPass offers several SMB and enterprise pricing plans for users to choose from, including a basic, free option for single users. All plans come with a free trial with access to all product features, so that you can determine which plan works best for you.
Not all password managers are created equal, and LastPass is one of the standout options. Available for almost every OS, browser, and mobile platform on the market, LastPass is designed to have you safe, secure, and encrypted wherever you happen to be.
TechRepublic's cheat sheet about LastPass is a quick introduction to this password management app, as well as a 'living' guide that will be revised periodically as new updates and versions are released.
Executive summary
- What is LastPass? LastPass is a robust password management tool available on most computing platforms and as a browser plugin. If installed in multiple locations it will sync, allowing for secure and easy password management.
- Why does LastPass matter? Like all other password management apps, LastPass matters because of the sheer volume of online logins the average person regularly contends with. Hacking/cracking passwords is becoming simpler all the time, making good password management essential.
- Who does LastPass affect? Anyone using the internet is affected by LastPass. The average internet user has 70-80 passwords. That's a lot to remember, and many are likely reused or insecure.
- Is LastPass free? LastPass was initially released in 2008 as a simple browser plugin and has since become a robust application suite. In early 2021, LastPass announced a major change for free users: They have to choose between password syncing on computers or mobile devices, and universal sync is now restricted to paid members.
- What are some alternatives to LastPass? If you don't want to pay for universal device sync, or simply want a different platform, a number of alternatives are available from both third-party vendors and companies like Apple and Google.
- How do I get LastPass? You can download LastPass for free on its website or from your respective mobile app store.
SEE: Password Management Policy (TechRepublic Premium)
What is LastPass?
Put simply, LastPass is a digital vault where you can safely store passwords without fear of their being discovered. Plenty of people are in the bad habit of keeping a notebook in their desk drawer or sticky notes on the underside of their keyboard with passwords on them; LastPass is the cure for that incredibly dangerous practice.
All of the data you store in LastPass is encrypted using the AES-256 standard. This level of encryption is used by the US government to protect top secret information; a 2013 paper said there is no computationally feasible way to brute force crack it, and as of 2021 nothing has changed. That means your passwords are safe.
In addition to AES-256 encryption of your password vault, LastPass uses PBKDF2 with SHA-256 and salted hashes as an extra layer of security between the app on your phone/computer and LastPass' servers.
Additional resources
- Five types of browser extensions every professional should have (TechRepublic)
- Extra security or extra risk? Pros and cons of password managers (TechRepublic)
- Google: These new password protection features are coming to Chrome (ZDNet)
Why does LastPass matter?
Think of the number of websites and applications you have passwords for. If you're like the average American, it's somewhere between 70 and 80, which is a lot of information to remember.
We'd all be lying to ourselves, of course, if we said each of our accounts had a unique, secure password. Most of us use the same one--or a slight variation--over and over again. Repeated use of passwords poses a serious security risk that can be eliminated by apps like LastPass.
Another common method of password theft is malware that logs keystrokes: All a hacker needs to do is read off the website you typed in along with your username and password to get instant access.
SEE: Check out all of TechRepublic's cheat sheets and smart person's guides
LastPass circumvents keyloggers in two ways: It can autofill passwords once you're logged in and it also offers a virtual keyboard that you can click on with your mouse. Avoiding keystrokes while typing in passwords or using an onscreen keyboard, along with robust encryption, leaves you protected in a way you can't get with other methods.
LastPass can also generate random, complex passwords that you won't have to worry about remembering, provided you have it set up to sync across your devices.
Additional resources
- How to add a simple password manager to Ubuntu Touch (TechRepublic)
- Passwords have a dopey equal in Things on the Internet (ZDNet)
- How to use Dropbox Passwords as your password manager (TechRepublic)
- Password managers: Is it OK to use your browser's built-in password management tools? (ZDNet)
Who does LastPass affect?
If you are reading this, LastPass probably affects you. Anyone who uses a computer or smartphone to log into an account can benefit from LastPass: It provides several layers of added security to prevent theft of passwords and important personal data.
In 2019, 14.4 million Americans (around 6.67%) were victims of identity theft--a number that's held roughly steady for the past several years. A paranoid level of identity protection is essential in the internet age, and LastPass can eliminate much of the legwork.
Additional resources
- 5 best password managers for Android (TechRepublic)
- Do you save passwords in Chrome? Maybe you should reconsider (ZDNet)
- Firms that force you to change your password are clueless says cyber security chief (TechRepublic)
- Lust for public Wi-Fi trumps security concerns (ZDNet)
- Upgrade your personal security with a password manager or security key (TechRepublic)
Is LastPass free?
LastPass was originally released in 2008 as a browser plugin. Since then it has grown into a desktop application and mobile app along with its original browser-based form.
LastPass is free, but there are also premium options for home users and enterprises. Both offer more features, such as shared accounts for family access and administration consoles for business users.
Prior to November 2, 2016, LastPass' free version had a serious restriction: Passwords stored on one device wouldn't transfer to another. If, for example, you stored banking credentials on your desktop, you wouldn't be able to retrieve them on your smartphone. Luckily, that feature is now free, but with a big caveat imposed in February 2021: Free users can only sync passwords on computers or mobile devices, and not between those two platforms.
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
Anyone using LastPass without paying for a subscription (prices start at $36 USD annually) will, on March 16, 2021, have to choose one of the two platforms, mobile or computer, to sync passwords to. The other platform will simply stop working unless you opt to pay the yearly fee, which LastPass has discounted to $27 USD for new Premium or Family customers paying for their first year. After that the price increases back to $36/year.
Additional resources
- Ditching LastPass? Here are some alternatives to try (ZDNet)
- LastPass brings free password management to all your devices (ZDNet)
- '123456' tops list of most common passwords for 2020 (TechRepublic)
- Phishing is another problem solved by password managers (ZDNet)
What are some alternatives to LastPass?
If the lack of synchronization available to free users is enough to make you want to switch to a different password manager, there are a number to choose from, as TechRepublic sister site ZDNet pointed out.
Depending on what platform you use, you could opt for a first-party password manager, like Apple's iCloud Keychain, which is integrated with Mac and iOS devices. Likewise, Google has Chrome Password Manager that syncs passwords across Android devices and to Chrome browsers on systems like Windows and MacOS, provided you log in with the same account.
In terms of third-party password managers, a number of options are available:
- Zoho Vault is free and syncs across as many devices as a user wants. Premium features include auto-generated passwords and two-factor authentication.
- NordPass, from the makers of NordVPN, is also free and syncs across unlimited devices. The limitation for this app comes in the form of being able to only be logged in to one device at a time.
- LogMeOnce has a free plan with many of the features reserved for paid customers on other services. The tradeoff in this case is that the free tier is ad supported.
Additional free password managers are available, but many place restrictions on multi-device sync or other features. If one of the above-mentioned products doesn't fill your password management needs, be sure to read product descriptions closely before investing time into a product that is less useful than you thought.
Additional resources:
- Password managers: A cheat sheet for professionals (TechRepublic)
- Best password manager in 2021 (ZDNet)
- Dropbox adds password manager, vault, and other security features (TechRepublic)
- 1Password: My favorite password manager is an essential security tool (ZDNet)
How can I get LastPass?
LastPass is available on a variety of platforms--pretty much anyone using any device can install it. Simply navigate to LastPass' website and click on Get LastPass Free to be instantly taken to the mobile app store or browser plugin install screen applicable to your device.
You can also click on Download to see other options for installation, such as the desktop apps available for Windows, macOS, and Linux.
Additional resources
- Five utilities that help protect your online privacy (TechRepublic)
- How to eliminate passwords? It can't be done (ZDNet)
- Apple's Chrome extension will let Windows 10 users save passwords to iCloud Keychain (ZDNet)
- 14 privacy tools you should use to stay secure (ZDNet)
- Microsoft is rolling out password monitor, tab sync, sleeping tabs and other new Edge features (ZDNet)
HELP FILE
Office 365 App Integration
Set up an app integration so that your user can sign into this app using the same credentials that they use for LastPass.
Part 1 - Add the SSO app to LastPass
- Open the LastPass Admin Dashboard. Select Applications from the left side menu and then select Web App from the submenu.
- Click on + Add SSO App button from the upper right corner.
- A pop-up window will appear. Under the section: Select your app, click on Search… and select Office 365 from the LastPass Catalog.
- In the One Click Setup section, enter the Microsoft Global Admin Email, Password, and Domain. Note: LastPass will not store your credentials.
- Click on One-click setup and Save.
Manually add Office 365
- Log in and access the LastPass Password Manager Admin Console by doing either of the following:
- While logged in to LastPass, click the active LastPass icon in your web browser toolbar, then select Admin Console in the menu.
- Log in at https://lastpass.com/company/#!/dashboard with your admin username and Master Password.
- In the left navigation of the Admin Console, go to Applications > SSO apps.
- If you have not previously added SSO apps, click Add your first SSO app. Otherwise, click Add Application in the upper-right navigation.
- Under the 'Select your app' section, choose one of the following options:
- If your app is in the catalog, click the app name to select it.
- If your app is not in the catalog yet, click on the Custom tab and enter a name in the App Name field. Note: If you add a custom app, you must click on the Service Provider section and provide the ACS URL before you can save the app. You can find the ACS data in the app's Service Provider metadata or on its website.
- If you want to copy the configuration of an app you have already set up, click the Copy tab then select the app from the drop-down menu.
- Under Identity Provider, the following items are listed, which you can copy and paste to a text editor application if needed:
Option | Description |
---|---|
Entity ID (for LastPass) | https://identity.lastpass.com |
SSO End Point | https://identity.lastpass.com/SAML/SSOService |
Logout URL | https://identity.lastpass.com/Login/Logout |
Certificate | Default is selected, or select another |
Certificate Fingerprint | Custom |
Certificate Fingerprint (SHA256) | Custom |
- Optional: If needed, you can click the Download icon to download and save the LastPass Certificate (TXT) and/or Metadata (XML) files.
- Open a new web browser window or tab to proceed with the next steps.
Part 2 - App Configuration
- Log into Office 365 administration center as an administrator and then click on Admin.
- From the left side menu select Settings > Domains.
- Add a domain that you are going to use for Single Sign-On and go through the steps to confirm that you own the domain.
- In the section where you are asked How do you want to use with Office 365?, uncheck the checked boxes next to Exchange Online and Lync Online, unless DNS entries are to be updated.
- Make sure that the domain is not the default domain. If it is set as the default domain, please go ahead and change that setting by configuring the .onmicrosoft.com as the default domain.
- SSO configuration for Office 365 requires Windows Azure Active Directory Module for Windows PowerShell cmdlets. Download and install cmdlets from the following link: https://technet.microsoft.com/en-us/library/jj151815.aspx
- You need to use the PowerShell Command template and the certificate that you downloaded from the LastPass Admin Dashboard.
Part 3 - Finalize the Office 365 SSO App Configuration
- To configure Office 365 SSO, customize the PowerShell command template as follows:
- $domain: enter your company domain in the following format: yourworkdomain.com
- $issuer: enter your company domain at the end of the URL, in the following format: https://identity.lastpass.com/yourworkdomain.com
- $certificateFile: the full path and filename of the certificate file you've just downloaded
- Open PowerShell as an administrator and run the first command: $cred=Get-Credential
Result: It will prompt for the administrator's credentials.
- Type your administrator login credentials into the dialog that appears on the screen.
- Copy and paste the second command, to get authenticated on Office 365: Connect-MsolService -Credential $cred
- Copy the block of PowerShell commands starting with $domain and ending with $logoffurl. Paste them into your PowerShell window.
- Then copy and paste the second block to upload the certificate file.
- Run the following command to enable SSO for your domain: Set-MsolDomainAuthentication -FederationBrandName $domain -DomainName $domain -Authentication federated -PreferredAuthenticationProtocol SAMLP -IssuerUri $issuer -SigningCertificate $certificate -PassiveLogOnUri $ssoUrl -ActiveLogOnUri $ecpUrl -LogOffUri $logoffUrl -Verbose
Result: You have completed the manual SSO setup for Office 365.
- Return to the LastPass Admin Console.
- On the LastPass Admin Console web browser window or tab you left open as the last step in Part 1, locate the Service Provider settings.
- Under Service Provider, enter the following:
Option | Description |
---|---|
ACS (i.e., Post Back URL, Reply URL, or Single Sign-On URL) | This is the URL to which authentication responses (containing assertions) are returned. If you added a Custom app, the ACS information is required in order to save the app. |
Entity ID (i.e., Issuer ID or App ID) | This is the Metadata URL of the Service Provider. |
Nickname | The name of the app as it appears in the Admin Console (and Cloud Apps, if your users have a LastPass password management Vault). |
- Click Save when finished.
- Optional: Under the Advanced Setup section, you can add any of the following customizations:
- Role
- IDP (custom)
- Relay State (custom)
- Identifier (choose from Email, Secondary Email, User ID, Groups, Roles, or CustomID - by default, Email is selected).
- Step Up Authentication - Check the box to enable the use of the LastPass MFA app when signing in to your app.
- SAML Signature Method - Check the box(es) for using SHA1 and/or SHA256.
- Optional: Under Custom Attributes, you can add various SAML attributes (learn how to create them here). If you have already created custom attributes, you can use the drop-down menu and choose from the following options:
- Secondary Email
- User ID
- First Name
- Last Name
- Groups
- Roles
- CustomID
- Constant value
- Optional: If desired, check the box(es) to enable any of the following settings:
- Sign Assertion
- Sign Request
- Sign Response
- Encrypt Assertion
- To add more attributes, click + Add SAML Attribute, then use the drop-down menu to make your selections.
- Optional: If desired, click Choose File to upload a Partner Certificate.
- Click Save and assign to begin selecting users to assign. Otherwise if you have already saved the app, click the Assign Users icon for your app.
- You can assign new users or groups, or manage those already selected by doing either of the following:
- To assign new, select the User or Group tab, then locate and click to select. Tip: You can deselect by clicking on the user or group again, or click Remove All to remove all selected users.
- To manage selected, click the Selected tab to view all users and groups already assigned. If desired, click the Delete icon to remove users or groups.
- Click Save when finished.
Result: Your SSO app is now configured! The LastPass users you assigned to this SSO app can now log in and access the app using their LastPass account.
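Once the domain is federated, every Office 365 sign-in for it trusts the issuer, endpoints and signing certificate stored by Set-MsolDomainAuthentication, so it is worth confirming that the stored values are the ones shown under Identity Provider in Part 1. The following check is an added example, not LastPass or Microsoft code: the function names are hypothetical, it assumes $ssoUrl and $logoffUrl in the command template correspond to the SSO End Point and Logout URL listed in Part 1, and the sample settings object is constructed so the script runs offline.

```powershell
# Added example, not LastPass or Microsoft code. Function names are hypothetical.
function Get-CertSha256 {
    param([Parameter(Mandatory)][string]$Base64Cert)
    # A certificate fingerprint is the SHA-256 hash of the certificate's DER bytes.
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        $hash = $sha.ComputeHash([Convert]::FromBase64String($Base64Cert))
        ($hash | ForEach-Object { $_.ToString('X2') }) -join ''
    } finally { $sha.Dispose() }
}

function Test-FederationSettings {
    param(
        [Parameter(Mandatory)]$Actual,              # shaped like Get-MsolDomainFederationSettings output
        [Parameter(Mandatory)][hashtable]$Expected  # values copied from the LastPass Admin Console
    )
    $findings = [System.Collections.Generic.List[string]]::new()
    foreach ($name in 'IssuerUri', 'PassiveLogOnUri', 'LogOffUri') {
        if ($Actual.$name -ne $Expected[$name]) {
            $findings.Add("$name is '$($Actual.$name)', expected '$($Expected[$name])'")
        }
    }
    # Every sign-in and sign-out endpoint must be HTTPS on the expected IdP host.
    foreach ($name in 'PassiveLogOnUri', 'ActiveLogOnUri', 'LogOffUri') {
        $uri = $Actual.$name -as [uri]
        if (-not $uri -or -not $uri.IsAbsoluteUri -or
            $uri.Scheme -ne 'https' -or $uri.Host -ne $Expected.IdpHost) {
            $findings.Add("$name does not point to https://$($Expected.IdpHost)")
        }
    }
    # Compare the stored signing certificate with the fingerprint shown in the console.
    $want = ($Expected.CertSha256 -replace '[^0-9A-Fa-f]', '').ToUpper()
    if ((Get-CertSha256 $Actual.SigningCertificate) -ne $want) {
        $findings.Add('SigningCertificate does not match the expected SHA256 fingerprint')
    }
    return $findings
}

# Constructed sample so the check runs offline; the bytes are not a real certificate.
$certB64 = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes('constructed sample'))
$expected = @{
    IdpHost         = 'identity.lastpass.com'
    IssuerUri       = 'https://identity.lastpass.com/yourworkdomain.com'
    PassiveLogOnUri = 'https://identity.lastpass.com/SAML/SSOService'  # SSO End Point
    LogOffUri       = 'https://identity.lastpass.com/Login/Logout'     # Logout URL
    CertSha256      = Get-CertSha256 $certB64  # live: Certificate Fingerprint (SHA256) from the console
}
$actual = [pscustomobject]@{
    IssuerUri          = $expected.IssuerUri
    PassiveLogOnUri    = $expected.PassiveLogOnUri
    ActiveLogOnUri     = 'https://identity.lastpass.com/PLACEHOLDER'   # placeholder: $ecpUrl is not given on the page
    LogOffUri          = 'https://idp.example.invalid/Login/Logout'    # constructed deviation
    SigningCertificate = $certB64
}
# Live use, after Connect-MsolService:
#   $actual = Get-MsolDomainFederationSettings -DomainName 'yourworkdomain.com'
@(Test-FederationSettings -Actual $actual -Expected $expected) | ForEach-Object { "FINDING: $_" }
```

An empty result means the stored federation settings match the expected values; rerunning the check periodically also surfaces later changes to the domain's trust configuration.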
Troubleshooting for Manual Setup
Task | Command | Description |
---|---|---|
See all licenses | Get-MsolAccountSku | You need your AccountSku number to be able to add users. |
Add users | New-MsolUser -UserPrincipalName -ImmutableId -FirstName -LastName -DisplayName -LicenseAssignment -usageLocation | The immutable ID is a unique user identifier on Office 365. Make sure the immutable ID is reflected in the user's info on the LastPass portal, as the user's ID. The user principal name is the IDPEmail. Both these values must match the Office 365 configuration for single sign-on to be successful. |
Delete users | Remove-MsolUser -UserPrincipalName | The above command moves the user to the Office 365 recycle bin. To create a user with the same name, make sure to remove the user from the recycle bin. |
Retrieve a deleted user | Get-MsolUser -ReturnDeletedUsers -SearchString \| select UserPrincipalName, ObjectId | |
Remove a deleted user from the recycle bin | Remove-MsolUser -RemoveFromRecycleBin -ObjectId | |
Login error | | Some users might experience the following sign-in issue, due to a known bug on Office 365: 'Sorry, but we're having trouble signing you in. Please try again in a few minutes. If this doesn't work, you might want to contact your admin and report the following error: .' The solution is simply to restart your browser. Then open a fresh browser tab and try to log in. |
Alternatively, LastPass MFA can be used for secure login to Office 365/Azure AD SSO while maintaining Azure AD as the primary Identity Provider. For more info, visit LastPass conditional access setup page.