The thing about LastPass that confounds me is that when you click on the extension in the browser and go to “Open My Vault” and when you Add Site by clicking the big “+” button, there is no way for you to generate a random password! I mean, when you are adding site, isn’t generating random password the next logical step for a PASSWORD MANAGER?
I almost never create a new site in the vault. I create my account in “insert site here” and use the “Create secure password” in the same menu you access the vault (button on the toolbar). When all my account info is registered and you click create or similar on the site Lastpass detects you are creating a new account and asks if you want to save it in the valut.
Why on earth are you adding a site that way? There’s an option right in the dropdown when you click on the extension to generate a password and use it for the site you’re on.
well, why on earth they have that option to tempt me? Now I have to change my habit!
Also, I just checked. If you right click on the eye, you get a generate password option.
No it doesn’t - at least not in Chrome Windows and Safari Mac.
Oh, now I remember why I prefer to use “Add Site” instead of using the drop down from the extension. I have had many instance where after I change password by using the suggested password by LastPass or when I create new password from the extension, it somehow didn’t get saved into the Vault. Happened enough times to me such that I didn’t want to go through the trouble of “Forgot password”, which is the reason I fall back to the manual, old ways. Maybe it is just me!
I was going to say, even if it’s weird to add sites through the Vault and not the multiple more convenient methods LastPass makes available, it still should probably make that function work sensibly if it’s going to offer it in the first place.
It does in my Chrome on Windows. I was wrong about the eye, though. If you do it in the text field it works. If you do it on the eye itself, it doesn’t.
It’s not just you. I’ve had that failure to save happen quite a bit as well. My workaround is to use the generate password option in the Lastpass menu, copy the suggestion, and then paste it twice…once into a blank text file, once into the change password form. (Well, three times if you count verifying the new password.) After the change is complete, I check the Vault to confirm the change took, and then ditch that text file.
Thanks, I will try it on Chrome tonight - but it still didn’t work on Safari Mac.
And that is why I use Add Site - which should have a button to generate password. It’s just a puzzle why it didn’t have since one of the reasons of a password manager’s existence is to generate password. It should be a very obvious button, not hidden in right click menu.
Yeah it’s kind of weird hey.
On a site with no existing logins, Lastpass recognises a password field and draws it’s icon there, but clicking on that doesn’t give a “generate password” option either:
Easiest way on Windows at least is to press Alt-G, which is the hotkey for the password generator.
edit: Actually, the option is there, it's just not obvious. Clicking the 'Log in as' reveals:
There’s also this option in Preferences which is meant to be On by default, but mine wasn’t:
Offer to Generate Secure Passwords: When LastPass recognizes that you are registering for a new account that requires a password, this notification prompts you to use the Generate a Secure Password feature. LastPass enables this option by default.
Hmm, YubiKey comes to the iOS version of LastPass finally.
https://blog.lastpass.com/2018/05/introducing-yubikey-mfa-for-ios-on-your-lastpass-account.html/
This means that LastPass users with an iPhone 7 or above, running iOS 11, can now authenticate to their LastPass Premium, Families, Teams, or Enterprise accounts on their mobile device with the same YubiKey NEO that they use for their desktop or laptop.
Well, there is a reason to get LastPass Premium again.
Ohhh, never heard of Yubikey, but now I want one.
I was waiting for that; been looking at Yubikey for a while now.
Turns out I was wrong again. That thing at the top of the right click menu I screenshotted was actually Chrome’s own password generator. However, if you go down to Lastpass in that same menu, you get the actual honest to goodness Lastpass password generator.
1Password should have some way to export to CSV, which you can then import to Lastpass.
Maybe I’m not getting something here… but why would you want to carry around an NFC key fob instead of using touch ID on your iOS device? That seems incredibly inconvenient.
I could see using it with my PC for sure, though.
You can’t change your fingerprints. Not that the USB keys are perfect, they aren’t attached to your hand so they can be physically stolen or lost. But when that happens you can remove it from your account and get a new one.
TouchID doesn’t generate OTPs, it’s only used for local validation, which (at best) can then look up passwords in your phone’s secure storage and transmit that to the remote server.
What Yubi Key does is more akin to sort of automating (and hardening) things like Google Authenticator (or other TOTP/HOTP type code generators).
While that’s true at the technical level, it’s a largely meaningless distinction as both are used as secondary authentication factors.