There are lots of password managers to choose from, each with different strengths and weaknesses. The most popular is LastPass. It has the highest number of users, the most features, and the best support.
But it’s not as simple as just signing up and forgetting about it. All your passwords are stored there.You need to make sure your account is watertight Are You Making These 6 Password Manager Security Mistakes? Are You Making These 6 Password Manager Security Mistakes? Password managers can only be as secure as you want them to be, and if you're making any of these six basic mistakes, you're going to end up compromising your online security. Read More .
Here are eight steps you can take to make your LastPass account even more secure.
1. Require Master Password to See Other PasswordsWhen you first create your account, you will notice you can view all your saved passwords by clicking the eye icon.
It’s better to get LastPass to prompt you for your master LastPass password whenever you click on the eye. If you’ve not enabled automatic logouts, it will stop someone in possession of your machine from gained unfettered access to your various credentials.
Go to Account Settings > General > Show Advanced Settings > Alerts > Re-prompt for Master Password and check the boxes next to Access a Site’s password and Access a Secure Note .
2. Use One-Time Passwords
In an ideal world, you’d never use a public computer 5 Ways to Make Sure Public Computers You Use Are Safe 5 Ways to Make Sure Public Computers You Use Are Safe Public WiFi is dangerous no matter what computer you're on, but foreign machines demand even greater caution. If you're using a public computer follow these guidelines to ensure your privacy and safety. Read More to access your LastPass account. PCs in libraries, hotels, and internet cafes are notorious for malware, keyloggers, and a lack of updates.
Unfortunately, sometimes it’s inevitable. Maybe you need the details for your Airbnb account while you’re on holiday or for your Amazon account to send a last-minute gift to a friend.
LastPass mitigates the risk by offering one-time passwords. Go to More Options > One Time Passwords > Add a New One Time Password to set one up .
To use a One Time Password, go to the LastPass website, click Log In , then select Log in using a One Time Password . As the name suggests, once you’ve used it once, it’s useless.
3.Prevent Logins From Unknown Mobile Devices
Head to Account Settings > Mobile Devices . You’ll be shown a list of all the mobile devices you’ve used LastPass Is Now Free on Phones, ButThere's a Catch LastPass Is Now Free on Phones, ButThere's a Catch Password management app LastPass has some carefully worded good news: "Now you can get started on your phone, free!" Read More to log into your account, along with its 128-bit Universal Unique Identifier (UUID)number.
Delete any you don’t recognize or no longer use, then click the Enable button next to To restrict access to all mobile devices except those allowed above, click “Enable” .
4. Increase the Number of Password Iterations
LastPass uses Password-Based Key Derivation Function 2 (PBKDF2) as part of its cryptography standards.
In layman’s terms, the higher the value, the longer it takes for LastPass to determine whether your password is correct, or for a hacker to brute-force your account. LastPass recommends you set this figure to at least 5,000. Theoretically, the figure can be as high as you want, but the more iterations you use, the slower the login process will be.
Navigate to Account Settings > General > Show Advanced Settings > Security > Password Iterations to change the figure.
5.Prevent Access From Certain Locations
You can easily prevent logins from specific countries. To enable the feature, go to Account Settings > General > Show Advanced Settings > Security > Country Restriction . Mark the check boxes next to the countries you want to allow.
The smaller the country in which you live, the more effective this is. If you’re lucky enough to live in somewhere like Luxembourg, you’re immediately preventing 99.98% percent of the world from logging in.
Just remember to re-allow specific countries before you take a foreign vacation!
6.Stop Logins From the TOR Network
The Tor network uses “onion routing” to send traffic through more than 7,000 relays. It’s a great tool in the never-ending battle against encroachment into your privacy, but it’s also picked up a reputation for being a haven for criminals.
If you don’t use Tor yourself, you need to make sure this is disabled. Allowing logins from Tor is only going to weaken your security.
To prevent logins from Tor, go to Account Settings > General > Show Advanced Settings > Tor Networks .
7. Deploy Multifactor Authentication
Multifactor authentication boosts your account’s security by requiring an extra login step beyond simply entering your password.
Even if a hacker has your credentials, they still won’t be able to get into your account. The second step could take the form of an SMS message, push notification, or even a USB device.
LastPass offers six free