Add the option to exclude sites from the Security Challenge

Vumad · ‎12-29-2020

I would find it really helpful if there were a per-entry setting for a site that enabled it to be excluded from the Security Dashboard checks. Several of the financial institutions I use have a simple PIN or short numeric password for the first-stage login and then a more complex password for the second stage. As far as I can see LastPass doesn't have the ability to handle two-step logins and therefore only sees the fist password, which it reports as weak. If I change such passwords they will still be considered week, so there is really no benefit in them being included in the dashboard score.

msteltman · ‎09-17-2021

Another reason to do this is to be able to exclude passwords for local (LAN) devices, that are by no means accessible from the internet. It is not necessary to include these in the challenge

pixelriffic · ‎10-25-2021

Howdy folks,

I have used lastpass for several years. In that time, I have accumulated hundreds of entries. Some of which are saved logins for other clients. I have many entries that are for sites that no longer exist, or logins that are no longer in use. I would really love to see an option to remove a login entry from within the security dashboard. Or short of that, a link to the main login entry.

Thank you for your time!

dwward · ‎11-01-2021

I came here to suggest the same change. I just clicked Security Dashboard and looked at the at-risk password, and I have several accounts that are typos, out-dated accounts, duplicates or localhost passwords that I use for software development. However, I'm presented only with a "Change Password" link with doesn't make sense for those alternate scenarios. A simple "Delete" or link to the "Edit Entry" popup would greatly assist a user who needs to update their passwords -- if you consider the alternative, it is to: Memorize the name of the offending website and username, navigate away from this page to the Password page, make the edits or deletes, then return to this page. I have nearly 80 websites throwing a risk flag and this website as it is provides a tedious and demotivating user experience.

Former Member · ‎11-03-2021

I too (like dwward) use LastPass to also store local development passwords for convenience only and not security. These local development passwords pose no risk at all and I would like to exclude them from the scrore.

glenn59 · ‎11-08-2021

I have also posted this request some time ago. What could be safer than being able to delete no longer used passwords conveniently?

coachstevens · ‎11-22-2021

YES, same thing, amen!!

glenn59 · ‎11-22-2021

Is their a way to add this to a request list?

Or better yet, is there some one from Logmein that has noticed this?

rblaakmeer · ‎11-26-2021

Yes, please add an "Audit" button to each item. Clicking the button would require you to enter a comment and remove it from the security dashboard. It should be possible to review the list of audited items.

macdaddy69 · ‎12-06-2021

I echo the sentiment of the OP and others. We should be able to tell LP to ignore a site on a case by case basis, or ignore an entire folder of sites. Anyone that works in IT has thousands of saved credentials. The vast majority of them for local, off-net devices. Not to mention folder after folder of internal customer devices THAT WE DO NOT DICTATE SECURITY POLICY ON. We should able able to exclude them from the Security Assessment.

Considering that power users are the bulk of the people that use LastPass, the majority of which work in IT, not having this feature makes the Security Assessment utterly useless to us. This is not hard to fix.

r0bdiabl0 · ‎12-15-2021

Please add a delete entry button on the Security Dashboard as the original poster has mentioned.