Add the option to exclude sites from the Security Challenge

Showing results for 
Search instead for 
Did you mean: 

Add the option to exclude sites from the Security Challenge

Add the option to exclude sites from the Security Challenge

I would find it really helpful if there were a per-entry setting for a site that enabled it to be excluded from the Security Dashboard checks. Several of the financial institutions I use have a simple PIN or short numeric password for the first-stage login and then a more complex password for the second stage. As far as I can see LastPass doesn't have the ability to handle two-step logins and therefore only sees the fist password, which it reports as weak. If I change such passwords they will still be considered week, so there is really no benefit in them being included in the dashboard score.

Retired LogMeIn Contributor



There isn't currently a way to exclude entries from the Security Dashboard, and this has been submitted to our team as a feature request as other users have also requested this option as well although we don't have any news or updates to share currently in regards to adding this functionality.

Active Contributor

I concur with this suggestion - sometimes one might have someone else's log on and password to use for some purpose and we aren't going to change this entries.

New Member

Agreed - additionally, I also save some public WiFi passwords etc in my LastPass account that I really have no control over, so it would be nice to filter those out as well.

New Member

Chick-fil-A Customer Experience Survey Guide

Chick-fil-A is one of the famous restaurant chains at the United States Of America. If you are a frequent customer at Chick-fil-A Locations, then you have a chance to take part in the online Chick-Fil-A Satisfaction Survey called as MyCFAVisit.


My cfavisit

Active Contributor

Another reason to do this is to be able to exclude passwords for local (LAN) devices, that are by no means accessible from the internet. It is not necessary to include these in the challenge

New Member

I echo the sentiment of the OP and others. We should be able to tell LP to ignore a site on a case by case basis, or ignore an entire folder of sites.  Anyone that works in IT has thousands of saved credentials.  The vast majority of them for local, off-net devices.  Not to mention folder after folder of internal customer devices THAT WE DO NOT DICTATE SECURITY POLICY ON.  We should able able to exclude them from the Security Assessment. 


Considering that power users are the bulk of the people that use LastPass, the majority of which work in IT, not having this feature makes the Security Assessment utterly useless to us.  This is not hard to fix.