Improve your online security and save time with LastPass, the password manager that remembers all your passwords so you don't have to.
In this video:
1:44 LastPass Demo
Your Digital Legacy Free Minicourse
Curious about other tools that can help you get more organized? Grab a copy of Steve’s toolkit! https://dottotech.com/toolkit/
Love what you saw? Subscribe to the channel for weekly Google tips (live every Monday!)
Want to dive into the world of productivity, digital marketing and content creation? Join us for our weekly webinar this Wednesday!
Every week, we break big, complex processes like building your email list and growing a successful YouTube channel into small, actionable steps you can put into practice straight away.
Sign up: https://dottotech.com/webinars/
FOLLOW DOTTO TECH ON SOCIAL
→ Blog: https://dottotech.com/
→ Twitter: https://twitter.com/dottotech
→ Facebook: https://www.facebook.com/DottoTech/
Your statement at 9:57 where you tell your viewers that they "can share a password without the risk of someone taking over the account." FALSE!!!!
Anyone wishing to gain access only needs to search how to view a masked password to view the password. Very easy to do. Lots of extensions out there for it too. I'm surprised you don't know this, but truthfully LastPass needs to take some ownership of this and alert users of the expectation of using this feature.
what if you have multiple accounts under the same company. For example you have a bank account, but at that same bank you have a credit card that requires you to have a different pw and log in from your bank log in?
I don't mean to sound negative... I'm writing under your video because it is the BEST one I've found. That's a compliment. The sentence at 6:19. ? I think it means when we "log in" to a new website and create an account for that website, then LastPass, as you say, will ask if we want to create an account to match it in LastPass. BUT I JUST DID THAT (for the fourth time) AND NOTHING HAPPENED. I created an account at a gardening website and nowhere during the process did LastPass ask if I wanted to do anything. No window appeared. And yes I was logged into the app and have the extension and even used the pword generator to get a pword. These things are clear to someone who's been using the app, but confusing to beginners.
Re Emergency Access, I'm not the only one who wondered how useful it is if you're too incapacitated to send an email. I think it works this way: You designate a trusted friend who is able to ATTEMPT to access your LastPass at ANY time (whether you are in a coma or fit as a fiddle). Maybe he has a legitimate reason to try, but this is all about security, so you want to guard against him getting access when he shouldn't. Therefore, any time he does try to access your data, LastPass will notify you that he is trying to do so and you will be given a certain pre-determined amount of time, say 2 hrs., to tell LastPass to deny his attempted access. If you don't respond to the alert from LastPass within the allotted time, then he will be allowed access. In fewer words: A trusted friend will be able to access your LastPass unless you say "No" when you're told he is trying to.
I wish you had discussed how this is different from Apple's "Keychain" and whether Keychain should be disabled when you have LastPass.
I wonder if LastPass can set reminders for each site based on the passage of time or the number of log-ins, for changing the password. But I suppose these great generated passwords could last forever without hacking, so maybe frequently changing is not important.
I am disappointed in the pricing. The price doubles if you want to share with your spouse. They make it seem like a bargain by including all 6 of your kids, a "family" plan. But who would do that? Surely in most cases it's just the spouse you want to share with. It should be included in the basic price, not doubled, in my opinion. The workaround (?) is to just give your spouse your master passphrase and they have to use your computer.
Thank you for your video which is more thorough than the others I've watched—and it's lightyears better than the lame videos on their site.
Probably the best online tutorial (of any subject) I've ever seen. The graphics are just perfect - clear but don't get in the way. Was sold on at least trying the ap. Thanks, Steve for making the effort to explain something many of us do not want to deal with.
Steve, I just discovered you and am so grateful for all that you share. I've set up LastPass, and your video has been extremely helpful, but where I'm hung up is I simply cannot seem to figure out how to get this working on my iPhone. So it's incapacitating me and making me want to get rid of LastPass altogether. I use Google Chrome on my IPhone X, and I have the latest version (12), and can't find any support in getting this set up. Can you do a video to help walk us through setting LastPass up on our mobile devices and how it works there?
Wow, Steven, thanks so much for the quick reply. Yes, I have the app. But some of my apps don't open with the username and password autofilled, and then if I try to launch those apps from within Lastpass, it still doens't autofill, and it's hard to remember those passwords because I used Lastpass to help generate some real obscure ones. So I'm hoping I'm just missing something. Wondered if you ever considered doing a video about that aspect of it.
Not working since upgrade to High Sierra. Lastpass tech support indicates they are aware and waiting for Apple to fix on their end. Well......paying for premium and NOT getting anything much right now. Disappointed ;-( Long time Last Pass user and subscriber. Looking for other options. Android version is VERY clunky and only works when using Last Pass Browser which is NOT awesome. Maybe I am not operating it correctly.
I use all of the options as much as possible, LastPass has refreshed their app under the new ownership (which was what i was concerned about) and done a good job. Both are great choices in my opinion, LastPass costs less.
Hi, I have a few other questions I asked LastPass but their answers still left me in the dark.
1) I don't understand the difference between "folders" and "identities". Do you have a good explanation?
2) I am wondering about the most logical way to set up my family vaults. It's me, my husband, and two children. I also would like to add my sister to share important information in case of emergency. Has anybody found a good set up? Do you create a folder for all things "home", for example, which you share with your spouse?
1) Folders let you organize your passwords into logical groups (banking, email, social media, school, medical, etc.). Identities let you filter which passwords you can see at a given time. For example, I can create an identity to show only those passwords relating to my son "E". Then, when I select that identity, I'll only see the passwords for 6 school accounts, 1 medical account, 3 Boy Scout accounts, and 6 game accounts. Everything else is not shown. As another example, you can create "Home" and "Work" identities.
2) I'm wondering the same thing. I currently have one Premium plan and everybody in the family has access to it. I group them in folders by type (banking, social media, etc.), and I differentiate common sites by adding our names to them (e.g., "LinkedIn - R" and "LinkedIn - A"). I don't know what the advantage would be to switch to the Families plan and double my cost to $48/year. However, since you want to add your sister, the Families plan might be the way for you to go. It looks like it would allow you better privacy, such as securing sensitive login information from her. If it were just you, your husband, and your kids, you could probably go with a Premium account.
I think I answered my own question, and I will likely switch to the Families plan after giving this some more thought. I'm not sure I want my kids to be able to access everything I have in LastPass, like they can do with the single Premium plan we're currently sharing. They have no need to login to our bank accounts or my wife's and my work email or payroll accounts.
I hope I've helped.
Hi Steve, thank you for this video. I am not clear how this works in connection with devices we regularly use that require logins but are not computers, tablets, or smartphones. Things that come to mind are Xbox, Apple TV, Nest thermostat, or even videogames that are played on the computer but not on a browser (like Fortnite) but you log in to play. Do we use them as we regularly do by entering the LastPass-provided password manually? Sorry if this is a dumb question! Just starting to get acquainted with password management systems!
In those cases, you would have to lookup the password in LastPass, and then type it manually into the device.
And to be clear, using LastPass *allows*, but does not *require*, you to use their LastPass-Generated passwords. At a base level, you can just use it to store and remember all your existing passwords. But LastPass will empower you and strongly encourage you to make your passwords better over time.
For me it was a gradual process. I started by just remembering my existing (terrible) passwords, and then as I began to know and trust the system, I started changing them to auto-generated ones.
I am not sure the best way for devices, I use it for Website accounts. But you could store all those other password and accounts in Lastpass, they would not "autofill" however, you would have to look up the password.
Yes you invaded my territory all of a sudden you show up the program that is LAST PASS when I was checking my bank receipts. That really pissed me off. I don't care about your program now..! How do I remove it. Not Happy...! Not had any problems till now. I am using Linux Ubuntu and not sure how you got into my account. Mad as Hell..!
Steve , Great video but YOU NEED TO ADD COMMENT on the video you have to modify it on 9:27 since Lasspass didn't protect receipt from not seeing or accessing the password. Even though you don't check the allow.else you will put your viewer on the risk. Anybody who can disprove me I can challenge
Indeed. at 9:58 "Without the risk of that person being able to take the account over" is absolutely false. Please consider adding some commentary or text to the video. Truthfully LastPass should be more open about this too.
Hi Steve! What if I share a password with someone not making it visible but the person let's his browser (let's say Chrome) remember it? Did you try to this? What happens then?
Also, I am with Sticky Passwords right now as it has many customizeable fields to add. Example: by phone provider. I can add mobile pins, logins names, secure passwords. LastPass also has a similar feature but it is kinda clumsy when I just simply want to look at the secure note and let's say read it out to someone over the phone. What do you think?
Your passwords are stored locally on your computer, encrypted. So if the site goes down, or if your internet connection goes down, you can still get to your vault locally. The only difference is that any changes would not be synced to other devices until the connection resumes.
Thanks for this review of LastPass. 2 questions: 1) Does it make a difference whether you use a desktop or Mobile device? 2). What about two Factor Authentication? Does LastPass still work when you have that enabled. I do for gmail.
With 2FA on gmail, LastPass will autofill your password at the first step, and then you'll need to type in the code from your phone or whatever on the next step. It works the same as it always has except that you don't have to type your own password.
LastPass has apps for Android and iPhone.
I've used it on Android for years, and the auto-fill used to be a little hit or miss. (Sometimes I had to manually lookup a password.) But recently, my phone upgraded to Android 8 (Oreo), which has much better integration with password managers, and now the experience is even better and smoother. Autofill in Apps, and remembering passwords works great from my phone on Oreo.
The reason to use a password manager is to manage a large number of passwords, and the good ones encrypt them.
For adults, there is no reason for a password to be impossible to remember. The alternative to a password manager is to use a key passphrase that's easy to remember, but hard to guess, and to modify it systematically using a few rules based on the site/system where you use the password.
I haven't a good memory, but use literally hundreds of site logins with very probability that any two have the same password. I use a system. If you follow one, after a couple of weeks practice you'll be able to recreate the password for any site where you've assigned one almost as fast as you can key it in.
One system would be to use the the old Compuserve system for the passphrase, two unrelated words separated by a special character. A simple modification rule would be to take the first and third letters of the website and substitute them for the first letters of the passphrase's words. A slight improvement would be to take the 5th letter of the site name and use it to pick a substituted for the separatorcharacter, counting across the numeral keys as you go through the alphabet. You could go across or back and forth . (Have a card with the special character lookup.)
Your system will create passwords that are different for each site, hard to guess, and too resource demanding to crack in a reasonable amount of time.
The only time this system on't work is where the site has poor security and won't accept special characters. If so, use the number keys for the special character substitution. That limits the potential passwords for a site to two.
You can improve this by using a modified login name for each site using a simpler rule. For special sites where security is paramont, like banking, if they require an email address as the signing, they must accept special characters in the password to be secure. Add another special character at the end.
Use your own key phrase. Use your own substitution rules. The only things I suggest are to include one Capital letter, one lowercase, and one numeral that are not changed by the modification rules.
Was a very happy LastPass Premium user for many years and talked many others into using it. Now, however, my Vault got trashed and although I was able to recover most of the lost information from backups (thanks be!), I am still not able to update any information. LastPass 3rd or 4th tier technical support is aware of the problem but can't solve it yet (after about a month). Currently looking for alternatives. :-(
The fact that they doubled the price didn't help keep me as a customer either, although I wouldn't have left them for that if the service still worked reliably. I just don't trust it now :-(. I am not very happy with the new owners -- I never had any issue under previous ownership.
In the latest version of Android 8.0 (Oreo), Password managers can now interact with Apps. It's great, and has vastly improved my experience of LastPass on my phone.
I can't speak for the status of iOS.
Love the content! Quick question I how does the password management work in conjunction with logging on Windows since I use my Google account to access my computer. My concern is the password will be impossible to remember and I won’t be able to log on my computer.
Lieven Beuckx it is possible. Each has its own method and some require more effort than others. 1Password has a direct import feature where it will import LastPass data. Moving from 1Password to LastPass was slightly more intricate, requiring you to export your 1Password data to a CSV file, then copying the contents of that file to the clipboard and pasting the contents into a field within LastPass. A bit bulky, but it did work. Good luck!
Another awesome tutorial.
Although you didn't mention it, I assume it is good practice to log out of LastPass if you leave your computer running all day and have to leave. Or does it automatically log you out after a certain period of inactivity on your computer (or other device)?
Spectralight Photo And there's really no point in logging out, unless your computer is also used by others. Well, I guess if you do get a virus and you see it before you log in again, that would be good. But if you don't get viruses just stay logged in.
I'm probably the only one here. But I have never used a password manager. And probably never will. I thought about using 1 Password but never could feel comfortable having all of my passwords in one place that could be accessed by a hacker who only has to hack one password to get to them. So, I keep my passwords in a very secure place. My brain. I know....archaic lol
Your Digital Makeover , I was like you!! Kept a notebook, used secure phrases for all my sites!! My system was foolproof, then my wife got hacked!! They tried to get a bank card sent to them, she travels a lot so I think it happened on Airport WiFi!! The acct they tried to get was a joint acct so now I’m compromised!! Because of this I need to invoke the use of a password manager because my wife doesn’t feed into my conspiracy theories, lol!!
First the passwords managers encrypt the entire blob of data and then store it. So even if a hacker hacks their servers, they need to break an AES 256 bit encryption with salting which is almost impossible to do (within a timeframe of say a hundred years). Secondly for remote hacking master password is not sufficient, the hacker will either need OTP or a secret key (like in 1password) to access your account. Thats simply not possible as he only has one chace for a combination. so its much much harder or kind of impossible. Thats why none of the password managers has not compromised a single password in decades.
You aren't the only one. I use a system of a single compex but memorable passphrase and substitution based on site name. I'm active on humdreds of sites, only need to be careful keying in the passwords.
I was wondering the same thing. I figured there must be some workable process for this, and found it on the LastPass site. https://lastpass.com/support.php?cmd=showfaq&id=9972
I'm guessing that if you set the time to 48 hours, for example, when the designated emergency contact requests access to all your LastPass accounts, you will be notified by LastPass that this person has requested access. If you don't respond with a denial for access within 48 hours, then the emergency person will be given access.
Hi Steve. Another great video as always. It's very important to have a password manager these days.
Personally my wife and I chose Enpass. Whichever you choose though they all mostly do the same thing.
One of the reasons we chose Enpass is because it's got a desktop client for Linux Ubuntu that we use but I'm sure there are many good cross platform apps like this.
I'm also using LastPass for quite a while, including the iOS apps both on iPhone and iPad. I'm trusting on LastPass, but to be sure I'm exporting 4 times a year all stored passwords via "More Options" / "Advanced" / "Export" to a csv file to have them also locally stored. I'm putting those csv files into KeepPass in order to have a second secure and almost up2date backup at hand, if needed.
What is also very nice is the Security Challenge that not only performs some tests on the quality of your passwords but also allows, at least for some sites, to have them automatically changed.
Thank you for encouraging us to at least make a choice rather than hoping or wishing for some kind of a miracle to happen, and then leading us to make a good choice based on your knowledge and experience. I really appreciate it. Thank you for being honest and realistic, and also sensitive about bad, unpleasant things that might happen to us where we may need emergency access for people close to us.
Interesting...I actually switched to 1Password based on your last video! 😎 What are the changes to LastPass that won you over? I ask because one of the features that caused me to change was the ease of accessing OP with the right click in any field. I’m open to switching back, but I am curious. Thanks!
The problem is not that Facebook and Google are the only advertising platforms. The problem is that they are considered mainstream media and without these two, the trend of cryptocurrencies gaining legitimacy is delayed. That is right, I said delayed not blocked or prevented.
The World Has Changed.
Five years ago, when bitcoin was unknown to most people, this might have been a fatal move. Today is a different story. I recently traveled to a remote mountain town in the interior of Mexico. Everyone I met had heard about Bitcoin and eyes lit up with excitement when I ask if I could pay for lunch with bitcoin.
Today are dozens of websites dedicated to cryptocurrencies, either holding them, exchanging them or just writing about them. Probably the most effective advertising remains on Google, it is called Google Search and it is free.
If someone wants to learn about owning bitcoin or any other currency, there is a ton of educational information.
The Flipside Is Being Ignored.
Not All Regulation Is Inherently Bad.
If we examine the full spectrum of regulation to this point on a global scale there is one common target most everywhere. That is the practice of exchanges. So far there has been little or not regulation, threatened or enacted, to protect investors from loss of funds due to security breaches.
Capitulation Is A Good Sign.