I love LastPass. What a game changer. My suggestion is to eliminate the master password or make it only needed in special cases. I change my master password regularly and keep it complicated and long to provide better protection. For that reason, I keep a copy of my most recent password physically written down—which is of course, silly. What I’d prefer is to have a series of security gates that are app-controlled. For instance, when authentication is needed for LastPass the user passes a biometric gate (e.g., iOS facial identification), and then is prompted for a multifactor app as a second gate (Lastpass Auth), and maybe even make an option for an additional app (Google Auth, or other) if you want another layer of security. Perhaps this sounds convoluted, but it actually sounds better and faster than a long master password. Ultimately, I want to have to get away from having to pull a piece of paper with a password written on it out of my bag multiple times a week. I know I could turn off the session killer on the bookmarklet and phone, but that reduces my security. As a person who did some user experience, I consult with friends about the ideas, but I’m always the one writing to the company! Thanks for considering!
... View more