Product Communities
Sign In Register

display / sort by date of last password change

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Getting started | Community guidelines
Announcements

For more information about the LastPass security incident please visit our blog

display / sort by date of last password change

display / sort by date of last password change

Status: New Submitted by on ‎12-27-2022 01:27 PM
5 Comments (5 New)

for reasons that may be obvious, I have had to go back and change password and userids where possible for many sites.  the lastpass client user experience helps in some ways (e.g. generate strong password is useful) but can be a bit frustrating and tedious for a big task such as this. 

 

I have started to lose track of which sites I have already updated.

 

one can sort by most recently used, but it would be good to be able to see when the account info for an entry was last changed.

5 Comments
studog
Active Contributor
‎01-05-2023 07:40 PM
‎01-05-2023 07:40 PM

I like this idea. It would be great if we had a Last Changed Date column on the Security Dashboard \ Password Security page. This way you could sort all of the password by Last Changed date. Also it would be nice to be able to have a "Risk" added to the same page that you could set a Last Change Date by. IE Let the end user pick a time frame, say 1 year or 6 months, and when a Last Changed Date goes past the defined time, it becomes a "Risk".

nickgrealy
Active Contributor
‎01-15-2023 09:09 PM
‎01-15-2023 09:09 PM
I found a couple of other feature requests related to "show password last changed date".

Please signal boost this feature, by upvoting this issue ->

nickgrealy
Active Contributor
‎01-15-2023 09:10 PM
‎01-15-2023 09:10 PM
I found a few other feature requests related to "show password last changed date".

Please signal boost this feature, by upvoting this issue ->

DubiousUser
Active Contributor
‎01-24-2023 03:39 PM
‎01-24-2023 03:39 PM

The reality is that given their data breach, this feature is essential.  We know that the user vaults were stolen on or about August, 2022 (and perhaps thereafter - LastPass hasn't said exactly). That means any vault containing a password of that age or older is vulnerable should the hackers manage to reverse engineer/decrypt what they have already stolen.  

The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.   [https://blog.lastpass.com/2022/12/notice-of-recent-security-incident]

Unfortunately this doesn't specify what else is "unencrypted" - so e.g. if a notes field is unencrypted and contains sensitive information, hacker may already have that data!

sully9
New Member
‎02-16-2023 09:05 PM
‎02-16-2023 09:05 PM

I would argue this is more important than merely a suggestion - this needs to be fast-tracked.  In fact, it's embarrassing that this feature wasn't dreamed of before, or immediately following the incident, or implemented immediately following the suggestions.

 

It pains me to say this because I have championed LastPass for years but LP/LMI really dropped the ball on so many levels with this incident.  Failing to be on full alert, with counter-measuring and exhaustive risk analysis following the initial August incident.  Since LP/LMI apparently aren't putting lots of effort into keeping safeguards on the data we pay them to secure, the least they can do is help us attempt to mitigate and clean up the security mess they permitted.

About Us
Terms of Service
NEW Privacy Policy
Trademark
© 2023 LogMeIn, Inc. All Rights Reserved