I use Lastpass on several devices, and on my phone. The browser where I use it the most often is on a computer that is NOT password protected, and other people could theoretically use (though only my roommate has easy physical access). If I have save password turned off and tell LastPass to trust this device, I then have to type my password to be able to use LastPass. This isn't terrible, but it would be nice to have some alternate (quick) verification, like a PIN, that was local-only. In the event that a keylogger was installed somehow, that would only grant someone knowledge of the PIN, which would only work on that one device, but the master password would still be secure. The closest option I can think of is instead of trusting this device and having to type my password every time, I could save my password and not trust the device, and use the Lastpass Authenticator app with push 2FA verification. I'm hesitant to do this, though, as I feel like it would reduce my overall security. I'd rather enter a number (or alternate local-only password, or a pattern) to unlock the app, but stay persistently signed in even if I close the browser.
... View more