Pinterest Stumbleupon Whatsapp
Advertisement

By now, you should know the basic principles of keeping your online accounts secure Have You Taken These 5 First Steps to Secure Your Accounts Online? Have You Taken These 5 First Steps to Secure Your Accounts Online? It's surprising how many people ignore these basics of securing yourself online. These five websites and tools make online security an easier chore. Read More : use two-factor authentication Lock Down These Services Now With Two-Factor Authentication Lock Down These Services Now With Two-Factor Authentication Two-factor authentication is the smart way to protect your online accounts. Let's take a look at few of the services you can lock-down with better security. Read More , create strong passwords How to Generate Strong Passwords That Match Your Personality How to Generate Strong Passwords That Match Your Personality Without a strong password you could quickly find yourself on the receiving end of a cyber-crime. One way to create a memorable password could be to match it to your personality. Read More , don’t use the same password on two different sites, and use a password manager How Password Managers Keep Your Passwords Safe How Password Managers Keep Your Passwords Safe Passwords that are hard to crack are also hard to remember. Want to be safe? You need a password manager. Here's how they work and how they keep you safe. Read More .

There are lots of password managers to choose from, each with different strengths and weaknesses. The most popular is LastPass. It has the highest number of users, the most features, and the best support.

But it’s not as simple as just signing up and forgetting about it. All your passwords are stored there. You need to make sure your account is watertight Are You Making These 6 Password Manager Security Mistakes? Are You Making These 6 Password Manager Security Mistakes? Password managers can only be as secure as you want them to be, and if you're making any of these six basic mistakes, you're going to end up compromising your online security. Read More .

Here are eight steps you can take to make your LastPass account even more secure.

1. Require Master Password to See Other Passwords

When you first create your account, you will notice you can view all your saved passwords by clicking the eye icon.

It’s better to get LastPass to prompt you for your master LastPass password whenever you click on the eye. If you’ve not enabled automatic logouts, it will stop someone in possession of your machine from gained unfettered access to your various credentials.

Advertisement

Go to Account Settings > General > Show Advanced Settings > Alerts > Re-prompt for Master Password and check the boxes next to Access a Site’s password and Access a Secure Note.

lastpass masterpass

2. Use One-Time Passwords

In an ideal world, you’d never use a public computer 5 Ways to Make Sure Public Computers You Use Are Safe 5 Ways to Make Sure Public Computers You Use Are Safe Public WiFi is dangerous no matter what computer you're on, but foreign machines demand even greater caution. If you're using a public computer follow these guidelines to ensure your privacy and safety. Read More to access your LastPass account. PCs in libraries, hotels, and internet cafes are notorious for malware, keyloggers, and a lack of updates.

Unfortunately, sometimes it’s inevitable. Maybe you need the details for your Airbnb account while you’re on holiday or for your Amazon account to send a last-minute gift to a friend.

LastPass mitigates the risk by offering one-time passwords. Go to More Options > One Time Passwords > Add a New One Time Password to set one up.

To use a One Time Password, go to the LastPass website, click Log In, then select Log in using a One Time Password. As the name suggests, once you’ve used it once, it’s useless.

lastpass one-time password

3. Prevent Logins From Unknown Mobile Devices

Head to Account Settings > Mobile Devices. You’ll be shown a list of all the mobile devices you’ve used LastPass Is Now Free on Phones, But There's a Catch LastPass Is Now Free on Phones, But There's a Catch Password management app LastPass has some carefully worded good news: "Now you can get started on your phone, free!" Read More to log into your account, along with its 128-bit Universal Unique Identifier (UUID) number.

Delete any you don’t recognize or no longer use, then click the Enable button next to To restrict access to all mobile devices except those allowed above, click “Enable”.

lastpass mobile devices

4. Increase the Number of Password Iterations

LastPass uses Password-Based Key Derivation Function 2 (PBKDF2) as part of its cryptography standards.

In layman’s terms, the higher the value, the longer it takes for LastPass to determine whether your password is correct, or for a hacker to brute-force your account. LastPass recommends you set this figure to at least 5,000. Theoretically, the figure can be as high as you want, but the more iterations you use, the slower the login process will be.

Navigate to Account Settings > General > Show Advanced Settings > Security > Password Iterations to change the figure.

lastpass password iterations

5. Prevent Access From Certain Locations

You can easily prevent logins from specific countries. To enable the feature, go to Account Settings > General > Show Advanced Settings > Security > Country Restriction. Mark the check boxes next to the countries you want to allow.

The smaller the country in which you live, the more effective this is. If you’re lucky enough to live in somewhere like Luxembourg, you’re immediately preventing 99.98% percent of the world from logging in.

Just remember to re-allow specific countries before you take a foreign vacation!

lastpass country restriction

6. Stop Logins From the TOR Network

The Tor network uses “onion routing” to send traffic through more than 7,000 relays. It’s a great tool in the never-ending battle against encroachment into your privacy, but it’s also picked up a reputation for being a haven for criminals.

If you don’t use Tor yourself, you need to make sure this is disabled. Allowing logins from Tor is only going to weaken your security.

To prevent logins from Tor, go to Account Settings > General > Show Advanced Settings > Tor Networks.

lastpass tor login

7. Deploy Multifactor Authentication

Multifactor authentication boosts your account’s security by requiring an extra login step beyond simply entering your password.

Even if a hacker has your credentials, they still won’t be able to get into your account. The second step could take the form of an SMS message, push notification, or even a USB device.

LastPass offers six free multifactor authentication options LastPass Brings 2FA to Everything, Apple Watch Could Save Your Life... [Tech News Digest] LastPass Brings 2FA to Everything, Apple Watch Could Save Your Life... [Tech News Digest] LastPass makes two-factor authentication easier, Apple Watch saves heart attack victim, Instagram jumbles up your feed, YouTube was originally an online dating site, and Siri helps the Cookie Monster bake cookies. Read More : its own LastPass Authenticator (which works with all sites that support Google Authenticator), Google Authenticator, Toopher, Duo Security, Transakt, and Grid. Premium users also have access to YubiKey, Sesame, and fingerprint sensors. The Enterprise package adds Salesforce Authenticator.

Go to Account Settings > Multifactor Options to set-up multifactor authentication.

lastpass multifactor auth

8. Use Automatic Log Outs

LastPass needs a browser extension to let it auto-fill your passwords How To View Chrome’s Saved Passwords From Anywhere (And How To Stop It) How To View Chrome’s Saved Passwords From Anywhere (And How To Stop It) Having many online accounts requires so many passwords. And since it is now conventional wisdom that you need a strong password, you can't get away with PASSWORD or 12345. Read More . It’s an important part of the way it works; if it couldn’t auto-fill passwords, fewer people would use the service.

But it does represent a security issue. What happens if your laptop gets stolen? Or a colleague starts using it without your permission? Or you need to take it to a computer shop for repairs?

You need to enable automatic logouts. Go to Account Settings > General > Show Advanced Settings and change the time for both Website Auto-Logoff and Bookmarklet Auto-Logoff.

You can also tweak your settings on a browser-by-browser basis. Click on your browser extension and navigate to Preferences > Automatically Logout After Idle.

lastpass auto logoff

How Do Your Secure Your LastPass Account?

If you implement these eight tips you’ll be safe in the knowledge that all your login details are as safe as they can possibly be.

Of course, there are more measures 4 LastPass Settings You Must Change to Be More Secure 4 LastPass Settings You Must Change to Be More Secure LastPass is an excellent way to protect your passwords, but some default settings could use help, Here are a few you should change. Read More you can take. LastPass is packed with security tools Master Your Passwords For Good With Lastpass' Security Challenge Master Your Passwords For Good With Lastpass' Security Challenge We spend so much time online, with so many accounts, that remembering passwords can be really tough. Concerned about the risks? Find out how to use LastPass' Security Challenge to improve your security hygiene. Read More and settings. That’s why I want to know what steps you’ve take to protect your account. Are there any settings everyone should be changing? Have I overlooked some of the most important?

Let me know your tips and recommendations in the comments section below.

  1. one9712745
    December 28, 2016 at 9:06 am

    Few other things (I'm commenting this for LP on Firefox)
    - I noticed that whenever I install LP on a 'new' browser (which I've never used LP on), there 1 important setting that u must ALWAYS check in Preference -> General -> Security where 'Automatically log off when browser is closed after XX min' and "Automatically log off after idle for XX min'. I think previously it has always placed 5 (?or 10) minutes which is way too long I think if its in a workplace (shared PC). I always change to 1min.

    - In 'Advanced' setting make sure to tick
    1) 'Clear clipboards'
    2) 'Warn against insecure forms
    3) 'Clear fields on logoff'.
    I really think these should be by default(?).

    - Sometimes we tend to 'copy' passwords and we forgot to 'clear', so usually after usage I purposely 'copy & paste' something irrelevant .

  2. Gene
    December 27, 2016 at 6:11 am

    Does this article assume you have the premium version? I can't locate some of the options mentioned. For instance I don't see a show advanced option button under the general tab.

    • Gene
      December 27, 2016 at 1:54 pm

      nevermind it was cut off my 15 inch laptop. Great article btw.

  3. rudy
    December 23, 2016 at 2:13 pm

    I've been using LastPass for about 5 years now. Although I haven't used any of your suggestions, I will definitely look into them. What I do is do the "Security Challenge", which shows me weak or repetitive passwords. It sometimes offers to change them for you, or you have to go into the website to change them. It also tells you which websites have been compromised like Yahoo, so it's best to go in and change your passwords. I don't know what I would do with LastPass.

Leave a Reply

Your email address will not be published. Required fields are marked *