You are here

Passwords are the weakest link

If you are like most people, you have between 19 and 35 unique online accounts that require a username and a password to access. You have one or two standard passwords that protect your personal data from prying eyes. Maybe you have a couple of keywords and a couple of numeric special character strings that you mix and match. Whatever your strategy, you are hoping that is enough to protect you.

About LastPass

Why should I use LastPass?

LastPass makes it easy to keep all your accounts secure -- you only need to remember One Master Password. Using LastPass makes it simpler to access all your different accounts, by remembering your login information for you. LastPass also lets you utilize browser plugins and has a mobile app for added convenience. • Passwords and login credentials stored in Password Managers cannot be accessed by vendors, software providers, Lehigh University. • If you lose your Master Password, you will lose access to all of your stored credentials! Prevent this by setting up account recovery options (link is external) • Make your Master Password easy to remember and follow our suggested guidelines • Support for LastPass is provided by LastPass, not by Lehigh University.
See (link is external) for help

How does it work?

Access LastPass
Install the LastPass browser plugin (available for most major web browsers) and then when you are logging into a website, entering a username and password, LastPass will prompt you to save that account to your LastPass vault. Use the LastPass app on your mobile device and you can access your vault from anywhere.
Create better passwords
LastPass can generate long, randomized passwords that protect against hacking.
Ease of use and better security
If you are logged into the LastPass browser extension and you have stored a password in LastPass, it will often automatically fill in your username and password when you open a webpage. If it doesn’t, your passwords are still only a few clicks away in your password vault.
Your vault
Your vault can be accessed from your browser plug-in or mobile app. Once signed in to your vault, you can see all your accounts, generate new passwords, share accounts with other LastPass users, or configure your LastPass settings.

Is it safe?

Government-level encryption
LastPass uses the same encryption algorithm that the U.S. Government uses for top-secret data. Your encrypted data is unreadable to LastPass and to everyone else without the Master Password. For more information on LastPass' architecture, check out this security overview document.
Only you can see your passwords
Your encryption keys are created from your Master Password. The Master Password is never sent to LastPass. All encryption/decryption occurs locally on your devices, not on LastPass' servers. This means that your sensitive data does not travel over the internet and never touches LastPass' servers, only the encrypted data does. For additional security, your Enterprise account is configured to use Duo multi-factor authentication (MFA). MFA can also be configured on personal accounts and is required on personal accounts that are linked to an Enterprise account.
End password reuse
Stop reusing the same password, writing down passwords, or resetting passwords because you can’t remember them. Let LastPass create and manage your passwords. Stop storing passwords in your browser Storing passwords in your browser may be convenient but it can pose security risks. Instead access your passwords quickly and safely using LastPass.

Can Lehigh access or retrieve the information I store in LastPass?

With the exception of shared folders (i.e. passwords you have specifically chosen to share or have shared with you), no one else at Lehigh can see your credentials (usernames and passwords). Passwords stored in LastPass are encrypted—even staff cannot see them.

What if I already use LastPass personally?

Within the LastPass browser extension, you have the option to link your personal account to your Business account. This does not merge the accounts, but instead makes your personal vault visible within your Business vault. If you login with your personal account Master Password, you will only see your personal account information. If you login into your Business account you will see your Business account information, as well as another section containing your personal account vault. For more information on linking accounts, visit the LastPass website.

What happens to my LastPass account if I leave Lehigh

When you leave the University, you will no longer have access to the passwords stored in your business account, and your personal account will be unlinked from your business account. You will continue to have access to the contents of your personal/Premium vaults . 

What happens when the LastPass website is down? Can I still log in?

If you are logging in via the LastPass browser extension, it will automatically switch to offline mode, and you'll still be able to view your stored data.

What if I’m already using a different password manager?

If you are using a different password manager for your personal passwords, you can continue to use it. For work-related passwords, please use LastPass. One option is to use one browser for personal use and one for business use, and to only put the LastPass extension on the business computer.

What kind of account should I use? (Business, Premium, or Families accounts)

LastPass Free
Do not use to store passwords used to conduct University business.
LastPass Business
Faculty and staff should use this product to store passwords used to conduct University business.
LastPass Premium
Students, faculty, and staff should use this version to store personal passwords.
LastPass Families
Faculty and staff should use this version to store personal passwords. This is a personal account granted to Enterprise users that also includes five additional licenses. These licenses can be granted to individuals closest to you (family and/or friends.
For details about the differences in functionality of each product, please visit LastPass' website.

What else can LastPass do?

Security challenge
Check out the LastPass "Security Challenge" to get your personal security score. This score is based on many factors, such as if you reuse passwords or if any of your accounts have been involved in a breach. Use this feature to learn how to improve your password security and improve your score.
Secure notes
Store notes and pictures with the same security it uses for passwords. Use LastPass to store important travel documents or itineraries, emergency contact information, or financial information. Online shopping
Store all of your credit cards and autofill that information for an easy and quick online shopping experience.
Phishing protection
When you're logged into LastPass and you visit a website, LastPass will autofill passwords. But what if the link and page look real, but It's actually fake? LastPass won't be fooled, and it's an excellent way for you to spot fake websites.

How do I get help?

For Business accounts contact the Help Desk at:
  610-758-HELP or
For personal Premium and Families accounts, contact LastPass:
  24/7 LastPass Support Center (self-help articles, videos, and additional resources)
  LastPass Community (crowd-sourced support)
  Submit a case to LastPass Support
Training resources
  Check out the training resources at the bottom of this page!

Getting Started: Faculty and Staff:

Getting Started: Students