I tried LastPass years ago, but it seemed quite complicated. I really need to lock down my security a little more, so can someone explain to me how this works? I get the gist of it, but how does LastPass work across multiple devices… my smart phone, tablet, laptop, desktop, and my public work computers. Do I need to download and install the app everywhere, as well as a chrome extension? What if I use a friend’s computer? Also, if I use LastPass, should I turn off the Chrome password manager? Or the Apple Keychain? I use Google Authenticator for some apps like Discord, will that app be affected?
Yes, you will need to install LastPass on the devices you use. When you sign in to each device, the passwords will sync on all devices so you will have access to your password vault on every device. You don’t have to stop using Apple Keychain etc, but it makes more sense to have your passwords in the one app for convenience sake. I have LastPass on my iPhone and when you put your cursor into a password field, the option to automatically look up passwords in LastPass is offered. Similarly on the web on desktop browsers, you install the LastPass extension to Chrome, Firefox, Edge etc to do the same thing. I wouldn’t install on public work computers unless it is locked down with your own user account (i.e. not a computer anyone can log on to with a generic account).
Second factor is separate, although I believe the LastPass app has a built-in authenticator too. I use Authy instead of Google Authenticator.
Thank you. Lastly… I have a utility laptop that is shared at work with several people. I login to several websites there, but to use LastPass I would need the Chrome extension then… is that something I can sign out of every day? Or would I have to type passwords manually from looking them up on my phone’s LastPass?
Does the laptop use a communal login or does everyone who uses it have their own login? If the latter, then you don’t need to do anything else. If the former, can set LastPass to not remember your password and log off straight away. Also, you can switch on two factor authentication for LastPass.
LastPass defaults to assuming the PC is yours and doesn’t log out as often as I would like. Bring up the settings and tweak them to your liking. There are a lot of settings because they’re trying to be everything to everyone, but check out the auto-logoff settings at least. There should be an icon on your toolbar. It will be black when you are logged out, and red when logged in (and yellow when a login fails.)
The way I use LastPass is that I log in with my master password, do what I need, and then immediately log out. I am probably a little overly paranoid, but I don’t want to chance any website being able to abuse my browser to get LastPass data.
For a shared/communal user account on a shared computer you could also forgo setting up the browser extension as you can actually login and access your vault directly on the web.
