Pinterest Stumbleupon Whatsapp

Let’s face it — remembering passwords is really tough. We spend more of our time online than ever before, which means more login details.

Mix together work passwords, with social networks, music streaming sites, and all your utilities and you’ll be struggling to remember which is which… and then we all end up taking shortcuts, like reusing passwords.

A password manager like LastPass can help you improve your security by securely storing all of your passwords The Complete Guide to Simplifying and Securing Your Life with LastPass and Xmarks The Complete Guide to Simplifying and Securing Your Life with LastPass and Xmarks While the cloud means you can easily access your important information wherever you are, it also means that you have a lot of passwords to keep track of. That's why LastPass was created. Read More in a vault, and can be accessed on multiple devices. Securely storing your passwords isn’t enough though to protect you against security breaches and hacks which are happening more frequently than ever.

With LastPass’ Security Challenge you can improve your “security hygiene Protect Yourself With An Annual Security and Privacy Checkup Protect Yourself With An Annual Security and Privacy Checkup We're almost two months into the new year, but there's still time to make a positive resolution. Forget drinking less caffeine - we're talking about taking steps to safeguard online security and privacy. Read More ” by having LastPass analyze your passwords, look for compromised email addresses and passwords, and make suggestions on how to improve your overall password security.

Import Into Lastpass

The first step is to import all of your accounts into LastPass (if you haven’t already). Getting started with LastPass is fairly straightforward as they guide you through the process of importing your passwords.


It’s worth taking the time to make sure you import everything, even the old accounts that you may have forgotten about. Just because you don’t use them anymore doesn’t mean that a breach on that site wouldn’t hurt you later on.

Visit the LastPass Security Challenge Website


Once you have created a LastPass account and imported all your passwords it’s time to face the Security Challenge. Head to the website and click Show My Score for the analysis to begin.

The security-focused side of you might initially be thinking that uploading all of your passwords to LastPass’ servers is rather insecure — and that’s exactly why you don’t have to.

When you run the test LastPass downloads your encrypted data and then uses JavaScript What is JavaScript, And Can the Internet Exist Without It? What is JavaScript, And Can the Internet Exist Without It? JavaScript is one of those things many take for granted. Everybody uses it. Read More to locally decrypt and analyze your vault, meaning that your unencrypted data never leaves your computer.


Enter Your Master Password


Entering your Master Password at this stage allows your LastPass vault to be decrypted locally to analyze your passwords. Your Master Password is the password that you have chosen to protect all your LastPass data. To prevent unauthorized access to your LastPass account you should make this password unique and complex — the beauty of LastPass is that you only need to remember one password rather than hundreds.

Check For Compromised Accounts


LastPass helpfully maintains a list of known security breaches New LastPass Feature Notifies You When An Account You Own Is Breached [Updates] New LastPass Feature Notifies You When An Account You Own Is Breached [Updates] A new feature from LastPass will follow a database of breached accounts, and notify you immediately if your account on any website has been broken into. The new feature, called LastPass Sentry, is built on... Read More and while it’s running the Security Challenge, it looks at the email addresses in your vault and asks you if you’d like to check to see if any of them have been exposed in a breach.

If LastPass spots a match then they will send you an email confirming which account was compromised and in which breach. Although this is an optional test there is no reason not to take advantage of it.

Results Summary


Once LastPass has analyzed your passwords and usernames you’ll be presented with the results page. Right up at the top is a summary of your scores broken down into three categories; Security Score, LastPass Standing, and Master Password Score.

Your Security Score is a measure of how secure your vault is overall based on a number of criteria:

  • Password strength
  • Total of duplicate passwords
  • Multifactor Authentication
  • Compromised Passwords

Not that you can be deducted a point if you permit offline access, allow unrestricted mobile devices access to your vault, or if you have trusted devices that you have set to bypass multifactor authentication — if you have it enabled. Those options are all customizable and the choice to either enable or disable them is largely down to your own preference of security versus convenience.

Improve Your Score


You aren’t left alone to try and figure out why your score was less than the perfect 100%. LastPass breaks down four steps to improving your score; changing compromised passwords, changing weak passwords, changing reused passwords, and a friendly reminder to change old passwords. By expanding each section you’ll be presented with the sites that LastPass has recommended you change.

View Your Detailed Stats


The “Improve Your Score” section prompts you to focus on the most urgent areas of your password security, but that doesn’t mean those are only areas to take a look at.

In the Detailed Stats section you can view each password in your vault, along with a rating on the password strength meter, anything below 50% on this meter is considered weak, and ideally you should be aiming for something around 80% or higher.

In order to help you speed through some of these password changes, LastPass has an auto-change feature for certain sites. If the website is listed with “Auto-Change Password” then in a click of a button LastPass will open the site, change the password to an auto-generated one, and save it in the vault for you.

Remove Duplicates


One of the biggest risks with any hack where passwords are leaked is if you have reused passwords on several sites, leaving yourself vulnerable to the hackers.

The Security Challenge reminds you that duplicate passwords are a bad idea, and even breaks down which sites you have reused passwords on.

In the screenshot you can see that each of my duplicated passwords has an amber bar at 46%. If I were to change just one of those passwords so that they were both unique, then the score would improve for both, and as long as I have chosen a secure password then the meter should be pushed into the green.

Multifactor Authentication For Bonus Points


Multifactor authentication is one of the best ways to secure your accounts What Is Two-Factor Authentication, And Why You Should Use It What Is Two-Factor Authentication, And Why You Should Use It Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card,... Read More . It adds an extra layer of protection to your account by requiring that you provide some time sensitive information that can show that it is really you accessing the site. Most of these authentication methods are in the form of a generated number either sent to you by SMS or by using an authenticator app The 5 Best Alternatives To Google Authenticator The 5 Best Alternatives To Google Authenticator To improve the security of your online accounts, you'll need a good two-factor authentication app to generate the access codes. Think Google Authenticator is the only game in town? Here are five alternatives. Read More .

Not only should you be using this on every site where it’s available, but LastPass also strongly suggests doing the same to protect your LastPass vault — after all, it is your digital safe, storing all of your passwords.

If you want some easy points to improve your security score, enable multifactor authentication for LastPass and you will be rewarded with 10% on your Security Score.

Auto Generate Secure Passwords


After putting in the time to sort out your old passwords, I’m sure you’ll be wondering how you can prevent your score dropping every time you sign up for a new website. Two ways to keep that score high is either to make sure that you create secure passwords 7 Ways To Make Up Passwords That Are Both Secure & Memorable 7 Ways To Make Up Passwords That Are Both Secure & Memorable Having a different password for each service is a must in today's online world, but there's a terrible weakness to randomly generated passwords: it's impossible to remember them all. But how can you possibly remember... Read More or to have LastPass do the legwork for you.

Since LastPass works on most devices and web browsers you aren’t likely to be without it, so you don’t actually need to remember your passwords any more, which means they can be total gibberish.

LastPass can auto generate passwords to a length that you set (the default is 12 characters) this means that you have a secure password that no one is likely to guess stored safely in your vault and you never need to try and remember the long string of letters, numbers, and symbols.

Better Now Than Never

I was burnt in the 2013 Adobe hack where I had used the same password for multiple accounts including my then main mail provider, Outlook. Three years later my account is still regularly hit with attempts to log in from countries all around the world, but a newer, more secure, unique password along with two factor authentication is keeping them out.

Using LastPass was my first step to securing my passwords and knowing exactly what I had and where, but the Security Challenge and my relentless need to improve my score, helped me to get to grips with my lack of password hygiene.

You only have to look at the news to know that one day you may be unfortunate enough to end up caught in the cross-hairs, and when you do you’ll be glad that you took the time to use LastPass’ Security Challenge to up your game.

Have you ever been stung by a security breach? Do you use a password manager? Show off your high Security Challenge scores in the comments below!

Leave a Reply

Your email address will not be published. Required fields are marked *