cancel
Showing results for 
Search instead for 
Did you mean: 
AshC
GoTo Manager

Re: Disable "Password at risk" -- UI Design Flaw

@edreilly  You can now exclude specific password entries from the security check, from within the Vault itself by clicking the three dots next to each one and selecting Exclude from security score.  This might help you with visibility and awareness when viewing the password list at a glance. 

 


Ash is a member of the LastPass Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
edreilly
Active Contributor

Re: Disable "Password at risk" -- UI Design Flaw

Ash, Thank you. I looked for a three dot button next to a password item, and could not find it.  Could you please describe where the button is, or perhaps attach a screenshot?   By the way, if you are speaking about a list within the Security Dashboard view, I have a free account and no access.

AshC
GoTo Manager

Re: Disable "Password at risk" -- UI Design Flaw

@edreilly  It should look like this: 

AshC_0-1656099518896.png

Reference support guide is available here:  https://support.lastpass.com/help/how-to-exclude-password-from-security-score-calculation 


Ash is a member of the LastPass Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
edreilly
Active Contributor

Re: Disable "Password at risk" -- UI Design Flaw

Thank you. Let me say part of my last post in a different way. What I said on the last post was "... if you are speaking about a list within the Security Dashboard view, I have a free account and no access."

 

What that means is I have a free account. I don't have a paid account. The Security Dashboard view only comes with the paid account. The Security Dashboard view is not available for people like me who have a free account. The feature to exclude passwords from the security score, to prevent a false red alert "Password at risk", is only available for paid accounts. This comes to me as a design flaw. By design flaw I mean the user experience is degraded. I have a free account, so I get that things will be different. But the uneditable red alerts are relatively new. So it's like something bad was added. It's Ok with me if you choose to degrade your product for free users, but it's possible your QA people missed this. That's ok with me also.

 

If there is a way for Free account holders to exclude passwords from the security score calculation, I am interested to learn how.

barry7
New Member

Re: Disable "Password at risk" -- UI Design Flaw

like the person said, a lot of these passwords are simple, yet my important sites are safer.

 

how can i disable the security dashboard?  I know what i'm doing, and don't need nanny.. Dropbox also has a manager and so does Vivaldi, Firefox, etc.... so please listen to your paying customers

AshC
GoTo Manager

Re: Disable "Password at risk" -- UI Design Flaw

Hi everyone,

You can now easily exclude passwords from the security check, avoiding the 'at risk' tag by following these instructions:  

  1. Log in to LastPass and access your vault by doing either of the following:
    • In your web browser toolbar, click the LastPass icon AshC_0-1659657474810.png and select Open My Vault.
    • Go to https://lastpass.com/?ac=1 and log in with your email address and master password.
  2. Select Account Settings in the left navigation.
  3. Click the General tab, then select Show Advanced Settings.
  4. Select Disable Password Alerts.
  5. Select Update, then re-enter your LastPass master password to confirm the update.

Reference guide:  https://support.lastpass.com/help/how-do-i-disable-password-alerts-for-at-risk-passwords 

 


Ash is a member of the LastPass Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Former Member
Not applicable

Re: Disable "Password at risk" -- UI Design Flaw

Not a flaw. Perhaps i may be missing something here, but isn't the whole point of a Vault (particularly what LastPass attempts to alert users to) is all designed to "secure" your passwords If a field is empty or you just store weak password there anyway for 'convenience" across all websites, then they ARE alerting you to a problem, why should you ignore it? It goes against why you'd be using it in the first place i would have thought.

In a totally related matter, there IS a flaw here i believe... I have my password flagged as "weak" on a site i keep updating for months,, (from Security Dashboard)

I can understand if I made that password simple. but this is a password recommended as secure "once" by LP themselves. Why 1 year later would they flag IT has weak,., ? At first i thought it was based on how long you have used without changing the affected password, but most other password i've never updated in years ,and to this day, they've been fine.

Its not a breach,, its just 'weak" so to speak, (.at least LP thinks it is) . Ideally, i'm ignoring it for now, but this would be a bug (...totally separate from the user saving a weak passwords above)

MrPeteH
Active Contributor

SERIOUS BUGS Re: Disable "Password at risk" -- UI Design Flaw

@AshC your advice on disabling Password At Risk was ALMOST correct.

 

I've diagnosed the BUG involved, and am reporting it to you below. I hope this can be addressed.

 

PLUS: please know WHY I 100% **have* to disable the Password At Risk feature. I consider the reason a second extremely serious bug, also reported below. In fact, I'll discuss it first.

 

Thanks for all you do!

Pete (A long term SW Dev/Architect. You get my help for free 😉 )

----

BUG: "Password At Risk" feature destroys performance of LP, makes it feel broken

Context: I have an  i9-11900H  (8 Core) computer with 64GB of RAM, and 5GB/sec NvME disk. Fast.

 

With Password At Risk enabled:

* Opening the vault takes more than a minute

* There's a 60+ sec pause when completing ANY  vault task (save an edit, move item to new folder, save change in acct, etc etc)
* The only way to know I can do something is to keep clicking in the data entry line at the top of the vault, eventually getting a cursor there.

* LastPass fails to provide a suggested vault entry for most websites in any reasonable time (ie wait a minute or two.) It feels like it is not working.

 

Clearly, this is a serious bug. Recalculating "Password at Risk" should NOT:

- Run in the foreground

- Delay ANY UI/UX functions

- Be recalculated after every user action

 

Yet that IS what happens. On every computer, every browser. It's truly AWFUL.

 

Now that I have disabled it, LastPass works GREAT!!!!

 

BUG: Disabling Password At Risk is almost impossible

The UI for Enabling/Disabling Password At Risk is seriously broken.

 

A. Advanced Settings Selection UI Is Broken

1. In the vault select Account Settings in the left navigation.

2. Click the General tab, then select Show Advanced Settings.

 

NOTE: Advanced Settings WILL appear.

3. Click "Show Advanced Settings" again. It will not disappear.

4. Perform a change as described below. You will not be able to re-enter "Advanced Settings" again without closing and re-opening the vault.

Advanced Settings Should Be re-Enterable

 

B.  Disable Password Alerts UI is broken

5. Note that the button for "Disable Password Alerts" is clear, and the wording is the same, no matter if Password Alerts are Enabled or Disabled.

6. Click on Disable Password Alerts.

  • The entire Advanced Settings UI will close (at least if Pw Alerts used to be enabled)
  • When you go back in, the UI looks exactly the same.

The user must guess as to whether Password Alerts are enabled or disabled.

 

In my case, I guessed that the disable did work, so I exited settings.

voila! No more alerts, and the UI is suddenly WONDERFUL. (See bug report above.)

 

I am rather certain that users who have been unable to disable Pw Alerts went and tried again, because it didn't appear to change in the Advanced Settings... and thus accidentally re-enabled alerts. 😞

MrPeteH
Active Contributor

Re: SERIOUS BUGS Re: Disable "Password at risk" -- UI Design Flaw

(May want to suggest that they avoid compare methods that are O(n2) as well)

MrPeteH
Active Contributor

Re: SERIOUS BUGS Re: Disable "Password at risk" -- UI Design Flaw

Oh, you're @AshC_LP now 😉