Disable Quick Reminder to change master password every signing up.

cancel
Showing results for 
Search instead for 
Did you mean: 

Disable Quick Reminder to change master password every signing up.

Disable Quick Reminder to change master password every signing up.

Hi,

 

Every single time I login LastPass using my master password an annoying message appears with the below dialog:

===================================================
LastPass Icon
A QUICK REMINDER
We detected that your LastPass master password hasn't been changed in a long time.
To keep your account safe, we recommend changing it.
[LATER] [CHANGE NOW]
===================================================

My LassPass Master Password is very long and safe and  I do not wish to change my password. 

At least you should give users the option to disable this reminder always than user is aware of risk that implies.

 

Please, take a look on this cause it is quite annoying being closing this pop-up every time you log in.

Thanks

14 Comments
Twizzard
Active Contributor

NIST eventually acknowledged that the original recommendation to frequently change passwords was based on absolutely nothing; the guy who wrote the original paper said he once thought that it sounded like a good idea.

 

Later research has shown -- quantitatively -- that changing passwords creates more security problems than it solves (and verifies that updating passwords does not improve security at all).

Former Member
Not applicable

I agree with Twizzard. Please add Disable master password age check option to next update.

 

 

schwieter
New Member

Agreed. Please allow this to be disabled.

BobRay
New Member

+1.  There is no reason for this in the first place and it's incredibly annoying.

 

I'm seriously considering switching password managers because of it.

whycantiusemyex
New Member

I agree, this is infuriating and stupid. Unless LastPass knows of some kind of breach which might have exposed our passwords -- which should be impossible -- then the existence of this reminder is evidence that the team no longer knows much about security at all. A master password is something you remember; it should be very long and complex, and you should not be changing it every five minutes because that encourages people to choose easily-memorized, short, simple passwords, not proper secure ones. You are annoying one segment of your user base and undermining the security of another.

TxAggie
Visitor

++1  I agree, this is VERY annoying.  I have a good password that I DON'T want to change and I use 2FA a well.  This needs to be something we can DISABLE.  I pay for the family stuff.  If this cannot be stopped, I'll look for a new solution as well....

cheefgeek
New Member

+1

Cyreb
Visitor

I agree that this level of incompetence encouraging unsecure password practices has made me seriously consider switching password managers.

 

For those here who want to temporarily disable the alert, someone on Reddit realized you can trick it into thinking you have a new master password by incrementing the number of password iterations.

marcaccioc
New Member

agreed - very annoying.  LastPass how about doing upgrade that make your produce better not worse.  

GlennD
GoTo Manager
Status changed to: Accepted