Is LastPass Secure?



“Is LastPass secure?” is a fairly common question these days, and it is often met with a response along the lines of “nothing is 100% secure”, which is essentially true. However, this should not be the major factor in deciding whether to use LastPass. Through its use of advanced encryption technologies, LastPass is about as secure as you are going to get when it comes to tools to manage your passwords and other sensitive information. And it is certainly far more secure than using the same password across all of your accounts/sites.

The reasons for this are fairly simple:

  1. LastPass encrypts your data multiple times, and part of that process occurs on your local devices rather than on the LastPass website. Your master password is not exposed in the communication between your device and the LastPass site.
  2. LastPass allows you to set up GeoIP blocking and restrict access to your account to specific countries. You can add and remove countries whenever you like.
  3. LastPass provides an array of choices for multifactor login protection. Popular choices for this are the Google Authenticator app and YubiKeys. You can also set devices as “Trusted” under this setting for devices that you regularly use.
  4. You can lock down access from the mobile app to only be available from specific devices. You can also use the mobile app to fill logins to other applications on the device.
  5. When combined with a strong master password, the chance of someone getting access to all your passwords is very slim as long as you also follow good security best practices in preventing other people from viewing or being able to guess your master password.
  6. People who don’t use a password storage tool such as LastPass generally use quite simple passwords that can be easily guessed with the right tools. In addition to this, they often use the same password across multiple sites, and this is most definitely far less secure than using LastPass.
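
Point 1 above, as an added sketch of the general pattern (this is not LastPass's code and not from the original page): the device stretches the master password into a vault key, then sends only a further one-way token to log in. The function names, the iteration count, the use of the email as salt and the `Server` class are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for this sketch, not a value from the page


def derive_vault_key(master_password: str, email: str) -> bytes:
    """Stretch the master password on the device; this key never leaves it."""
    salt = email.strip().lower().encode()  # assumption: account email as salt
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, ITERATIONS)


def derive_login_token(vault_key: bytes, master_password: str) -> bytes:
    """One more one-way step, so the value sent for login is not the vault key."""
    return hashlib.pbkdf2_hmac("sha256", vault_key, master_password.encode(), 1)


def build_login_request(master_password: str, email: str) -> dict:
    """What the client transmits: the account name and the login token only."""
    key = derive_vault_key(master_password, email)
    return {"email": email, "token": derive_login_token(key, master_password).hex()}


class Server:
    """Hypothetical server: stores a salted hash of the token, never the password."""

    def __init__(self) -> None:
        self.accounts = {}

    @staticmethod
    def _digest(token_hex: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", bytes.fromhex(token_hex), salt, 100_000)

    def register(self, request: dict) -> None:
        salt = os.urandom(16)
        self.accounts[request["email"]] = (salt, self._digest(request["token"], salt))

    def login(self, request: dict) -> bool:
        if request["email"] not in self.accounts:
            return False
        salt, stored = self.accounts[request["email"]]
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(self._digest(request["token"], salt), stored)
```

Because the vault key is derived only from what the user types, the strength of the whole scheme rests on the master password, which is the subject of the next section.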

What makes a good LastPass Master Password?

The advice we give to people these days is to use a phrase of some kind that you will find easy to remember. But it should still use a bit of character randomness to add a bit more strength.

For example:

Let’s say we use the phrase “my favourite pop star is katy perry”

The way we would suggest you use this would be as follows:


Note the replacement of the i’s with a !, the replacement of the o’s with a 0 and the use of upper case Y’s across the whole phrase. This allows the password to have quite a significant strength factor and yet be easy to remember.

So as far as we are concerned, the answer to “Is LastPass Secure?” is a resounding YES!

