LastPass FAQ

Overview

In order to promote proper password hygiene, U of I has adopted the use of the LastPass password manager. While it may seem straightforward to use, there are some practices that help promote a healthy and secure password ecosystem. This article will outline some of the do's and don'ts of password management so that our systems are utilized as they should be.

Table of Questions

• How do I get started?
• How do I login?
• Can other password managers be used?
• Is there a mobile application that can be used?
• Can personal passwords be stored in LastPass Enterprise?
• Will I be able to export passwords?
• Can I have a shared folder automatically provisioned with new accounts in my group?
• How is password sharing managed in LastPass at U of I?
• How do I share password folders?
• How do I specify an exact URL/Password match ?
• How do I import passwords?

Have a question you don't see here?

Leave a comment or provide feedback! You can also use the LastPass self-help website!

Key Features

• Quickly generate secure passwords with "Generate Secure Password" option in the browser extension or when creating a record
  • Customization options for length, complexity, ease of reading, and ease of saying are all options
• Specify an exact URL/Password match
• Security Dashboard helps audit duplicate or weak passwords
• Quick and flexible sharing capabilities

How do I get started? Does my department have a LastPass group?

• Request to start the process by completing a form for software procurement (https://support.uidaho.edu/TDClient/40/Portal/Requests/ServiceDet?ID=755&SIDs=21).  
• All LastPass account requests need to be approved by procurement and added as an asset to the ticket in TeamDynamix before an account is created.
• When requesting access please include the following information in the request:
  • LastPass group names you need access to (if applicable),
    • NOTE: The owner of every group you are requesting access to should explicitly state approval for sharing passwords within the TeamDynamix ticket.

How do I login?

• Individual users will need to be added to the application. A supervisor should create a ticket to ITS Security in TeamDynamix requesting access to LastPass and which groups the member should be associated with. If the groups are not known, ITS Security will work with the supervisor to ascertain the appropriate groups.

• U of I uses single federated logins to manage access to LastPass. Login through the LastPass browser extension for your specific browser (or use the Desktop application for your operating system).

• If you have been provisioned for access to the U of I LastPass application, when you enter you NETID as your username, the password field should disappear and you should be able to start the authentication process. The password and Duo authentication you use to login to U of I will be used to access LastPass.

• Web logins can be achieved in certain browsers after the extension is installed at https://lastpass.com/?ac=1 but it is generally not recommended at this time.

Can other password managers be used?

• Storing U of I passwords in a browser is expressly prohibited and LastPass is currently the authorized password manager for U of I passwords. Password Manager Pro may be authorized but teams requiring its use should check with ITS Security. KeePass is available for use but may be removed at a later date.

Is there a mobile application that can be used?

• Yes, LastPass can be used with the mobile application.
  • Get app from appstore
  • Login with uidaho.edu email address only -- you will be prompted for uidaho login credentials on the next screen, as well as Duo authentication.
  • You will be required to setup a PIN to access this application.
    • The PIN needs to be  between 4 and 12 digits in length.

Can personal passwords be stored in LastPass Enterprise?

• A personal LastPass account can be linked to your LastPass Enterprise account. U of I wants to foster proper password hygiene but there are a few caveats that go along with this:
  • Only use of current passwords in your linked personal password vault will be allowed. You will not be able to add/change/delete/update your linked personal password vault when logged into LastPass Enterprise. This is a software policy in place designed to protect both your and U of I passwords from getting mixed up.
  • U of I will not have visibility into your personal password vault when it is linked. U of I will only know that a personal account is presently linked.
  • If your Azure AD account is changed (for instance, if you move to a different department), your personal password vault is unchanged while your LastPass Enterprise account will be removed/modified.

Will I be able to export passwords?

• By default, policy will prevent password exports from occuring. If you require the ability to export U of I passwords for backup or migration, please send a request to its-security@uidaho.edu.

There are some passwords that everyone in my group needs. Can I have a shared folder automatically provisioned with new accounts in my group?

• Yes. The group owner can designate shared folders that are automatically provisioned for groups with the members associated with it. Contact your supervisor if you don't have the proper folders shared with you.

How is password sharing managed in LastPass at U of I?

• Shared folders are utilized to share passwords among groups. You will be unable to share credentials directly. All passwords being shared must be placed into a shared folder.

How do I share password folders?

• To share items with one or more people, create a folder in Sharing Center and share the entire folder with your recipients by hovering over the folder created and clicking "Manage". Once there, specify the details and share.
• To add more items to a shared folder, anyone with administrator access (which can be determined in Sharing Center) to the folder can drag and drop items into the folder.
• To manage shared folders, open the Sharing Center from the left-hand navigation bar in the Vault.

Share Resources with Group(s) Example:

1. After organizing the passwords into appropriate folders, right-click the folder you wish to share -> click "Share"
   
   
    
2. Modify folder name as necessary, click "Create"
   
   
    
3. Open "Sharing Center" to view shared folders
   
   
    
4. Hover over the folder, and click "Manage"
   
   
    
5. Click the dropdown "Invite Users or Groups" and choose the appropriate groups -> click "Invite" -> Select "Permissions" checkboxes for appropriate permissions. Once complete, click "Save".
   
   
    
6. Once Azure AD syncs, users associated with the selected groups should be notified of the newly shared folder.
    

How do I specify an exact URL/Password match?

• Sometimes URLs will have multiple records but you may want records per subdomain or path:
  • Open "My Valut"
  • In the left-hand menu, click "Account Settings"
  • On the top menu of the pop-up, click "URL Rules"
  • Click "Add"
  • Copy/Paste the URL you want to match for a specific record into "Domain" (note: the URL in the record must be the same as the URL you paste/type here)
  • Click "Add"
• More information on URL rules can be found at:
  https://support.logmeininc.com/lastpass/help/manage-your-url-rules-lp040008
   

How do I import passwords?

1. Sign in to LastPass

2. If importing previous passwords, Select "Advanced Options" -> "Import"
   If starting your collection, choose the "+" in the bottom right corner to create new files/folders.
   

3. Select the "Source" and "Choose File"
   
    

4. If using "Generic CSV" make sure the CSV follows this format for column headers. Uncheck "Remove duplicate items" if appropriate.