For some of my accounts, I don't need to store password, because I log in by 3rd party authorization - e.g. google account. Still I want to store those accounts in LastPass for consistency and to prevent duplicate registrations.
Now I bypass this by filling something like "Use Google account" as username (leaving password blank). More systemic solution would be great. Also there's no point in listing those entries in "bad passwords" list.
I want to second this. Passwords are evolving and LastPass needs to evolve to be helpful when you have a password or are just using "Continue with Google" or "Continue with Apple". It is really important to list these in LastPass in a structured way and would be great to give us an indication when we hit such a page which service we used to "Continue with" so we don't end up with duplicate accounts by continuing with Google once then continuing with Apple another time.
Add a clear structured way to use LastPass for this need...without me having to overload the username field as listed above and without showing as bad passwords in the security checks.
It would be great to have a check box in the advanced settings to "Ignore password in Security Score review". I'd even be okay if it asked me three times "are you sure?"
I use LastPass for it's cross-platform ultra-portability. I keep a handful of much used URLs in my passwords list as it has become second nature to punch in the website I want in LastPass and launch from there. It makes the Security Score messy having to review a bunch of missing and weak passwords and constantly having to "acknowledge that my security stinks".
Finally, and this is the important part: LastPass is the shiznit. I've tried others like Bash Pain and PeeKass(x), they are just too fiddly and maintenance intensive, so I keep coming back to LastPass. Now if only I could get my company to understand how simple and important password managers are.
I could add these as security notes, but that's not great. 3rd partly logins are commonplace, it really seems like Lastpass ought to have a structured way to capture these use cases.
If a user has a missing password is that being considered to calculate their security score? The identifier that the record has a missing password is helpful, however including this to calculate the security score is not logical. The functionality of using LastPass to serve as bookmarks is utilized in organizations. Preventing maintenance of browser bookmarks and users with multiple devices. Sites that do not require a login, don’t have a password. Likewise single sign capability within organizations, do not require the credential to be saved within LastPass.
If sites saved within LastPass with a missing password lower the individual and overall security score, this can mislead an organization overall security score. LastPass administrators monitor the organization’s over security score and audit individual user accounts at risks. Only to find out they are not at risk they are simply utilizing the accessibility feature of LastPass to launch sites.
I created a login just to upvote this suggestion. I was going to write it myself:
As a suscriber who uses LastPass for work and personal, I want LastPass to remember when I've used a Google account to authenticate for a website, so I quickly remember that's my access method, rather than wasting time looking for and possibly attempting to reset an email & password.
I've taken to writing these externally authenticated sites on a piece of paper. It's a sure sign the software could solve the problem.
This could probably be accomplished by being able to associate a note with a particular website, so when I go to that site, I can click the LastPass icon in my browser and see a note that says "You use Google authentication for this site" or something like that. Would make so many things easier in this world of third-party authentication. Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.