Why did the University choose LastPass?
With the rise in credential stuffing attacks across academia and elsewhere, it was identified that the University needed a tool to allow users to have robust, unique passwords.
On the back of the work that was undertaken to look at Password Managers and create the guidance at:
Infosec - How to Protect - Lock your devices - Passwords
Based on market engagement the Chief Information Security Officer selected Lastpass on the basis of having robust security controls, cost and availability across operating systems.
Is using a Password Manager a good idea?
The short answer is: “Yes.”
The more detailed answer is: “Yes, but not for everything.”
- Banking Passwords
- Main email account
Why your main email account? That’s where all your reset requests and the like will go should your accounts be compromised or you need to change your details.
Other than these few restrictions, you are good to go!
If you are unsure about this topic, a good source of information is the National Cyber Security Centre
What does the NCSC think about Password Managers?
What services can I use LastPass for?
LastPass can be used for all passwords and logins, with a few key exceptions:
- Lab and staff computers - When logging into your device, LastPass will not be active yet, so you need to remember your University Login for lab computers and staff computers.
- Bank logins - while most banks will now use 2 factor authentication, the current guidance from the National Cyber Security Centre is that the level of exposure makes it less desirable. Some banks also have guidelines around whether they recommend the use of Password Managers, so check first!
- LastPass master password - you will need this to log into LastPass and will have to memorise it.
- The password for the email address you would use to reset your LastPass master password
So that means that yes, you can keep your university login within LastPass.
LastPass is supported within the University Software Catalogue for the following browsers: Chrome, FireFox, Safari.
Support for Edge is due to come at a later date. It is available in the Microsoft Store, for free, for those that wish to use it.
How can using LastPass save me time?
Using LastPass with the browser extension can help save you time by:
- Automatically fill your username and password into a website
- Create strong, unique, hard to guess passwords for you
- Saves a username and password to your vault, directly from a web page
- Add sites to your favourites, which can they be directly accessed from the browser extension
The browser extension can be downloaded for various different browsers, the LastPass website details how to download it for your specific browser.
Who do I go to for help with LastPass?
Staff:
Put your query through to the IS Helpline:
If your query cannot be dealt with locally it will be passed to LastPass for resolution.
Students:
As your service is provided to us directly by LastPass, if you need help or want more information you should go to their support pages at:
https://support.logmeininc.com/lastpass
LastPass manages student accounts and as such all student support requests should go to them.
Do I have to use LastPass? Can I use my current password manager?
Use of LastPass is not mandated in policy from Information Security. If you already have a secure, successful service or process that you use for managing Passwords then please keep doing so!