Security

LastPass: The smart person's guide

This comprehensive guide covers everything you need to know about password management app LastPass, including its newly announced free cross-platform access.

lastpass.png
Image: Lastpass.com

Not all password managers are created equal, and LastPass is one of the standout options. Available for almost every OS, browser, and mobile platform on the market, LastPass is designed to have you safe, secure, and encrypted wherever you happen to be.

TechRepublic's smart person's guide about LastPass is a quick introduction to this password management app, as well as a "living" guide that will be revised periodically as new updates and versions are released.

SEE: Check out all of TechRepublic's smart person's guides.

Executive summary

  • What is LastPass? LastPass is a robust password management tool available on most computing platforms and as a browser plugin. If installed in multiple locations it will sync, allowing for secure and easy password management.
  • Why does LastPass matter? Like all other password management apps, LastPass matters because of the sheer volume of online logins the average person regularly contends with. Hacking/cracking passwords is becoming simpler all the time, making good password management essential.
  • Who does LastPass affect? Anyone using the internet is affected by LastPass. With an average of 130 accounts per person (growing at a 14% rate annually) that's a lot of passwords, many of which are reused or insecure.
  • When is LastPass happening? LastPass was initially released in 2008 as a simple browser plugin and has since become a robust application suite. On November 2, 2016, LastPass announced a major improvement: Free accounts now sync to all devices where LastPass is installed, as opposed to just one.
  • How do I get LastPass? You can download LastPass for free on its website or from your respective mobile app store.

What is LastPass?

Put simply, LastPass is a digital vault where you can safely store passwords without fear of their being discovered. Plenty of people are in the bad habit of keeping a notebook in their desk drawer or sticky notes on the underside of their keyboard with passwords on them; LastPass is the cure for that incredibly dangerous practice.

All of the data you store in LastPass is encrypted using the AES-256 standard. This level of encryption is used by the US government to protect top secret information, and as of 2013 there is no computationally feasible way to brute force crack it. That means your passwords are safe.

In addition to AES-256 encryption of your password vault LastPass communicates with its servers using PBKDF2 SHA-256 and salted hashes for an extra layer of security between the app on your phone/computer and LastPass' servers.

Additional resources

Why does LastPass matter?

Think of the number of websites and applications you have passwords for. If you're like the average American it's more than 100, meaning you have the same number of passwords to remember.

We'd all be lying to ourselves, of course, if we said each of our accounts had a unique, secure password. Most of us use the same one—or a slight variation—over and over again. Repeated use of passwords poses a serious security risk that can be eliminated by apps like LastPass.

Another common method of password theft is malware that logs keystrokes: All a hacker needs to do is read off the website you typed in along with your username and password to get instant access.

LastPass circumvents keyloggers in two ways: It can autofill passwords once you're logged in and it also offers a virtual keyboard that you can click on with your mouse. Avoiding keystrokes while typing in passwords or using an onscreen keyboard, along with robust encryption, leaves you protected in a way you can't get with other methods.

Additional resources

Who does LastPass affect?

If you are reading this smart person's guide LastPass probably affects you. Anyone who uses a computer or smartphone to log into an account can benefit from LastPass: It provides several layers of added security to prevent theft of passwords and important personal data.

17.6 million Americans (around 7 percent) were victims of identity theft in 2014, and that number will only have increased in the past two years. A paranoid level of identity protection is essential in the internet age, and LastPass can eliminate much of the legwork.

Additional resources

When is LastPass happening?

LastPass was originally released in 2008 as a browser plugin. Since then it has grown into a desktop application and mobile app along with its original browser-based form.

LastPass is free, but there are also premium options for home users and enterprises. Both offer more features, such as shared accounts for family access and administration consoles for business users.

Prior to November 2, 2016, LastPass' free version had a serious restriction: Passwords stored on one device wouldn't transfer to another. If, for example, you stored banking credentials on your desktop you wouldn't be able to retrieve them on your smartphone. Luckily that feature is now free: Credentials you store are universally accessible on all devices where you use LastPass.

Additional resources

How can I get LastPass?

LastPass is available on a variety of platforms—pretty much anyone using any device can install it. Simply navigate to LastPass' website and click on Get LastPass Free to be instantly taken to the mobile app store or browser plugin install screen applicable to your device.

You can also click on Download to see other options for installation, such as the desktop apps available for Windows, macOS, and Linux.

Additional resources

About Brandon Vigliarolo

Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.

Editor's Picks