I was just reading about a new vulnerability where an "advertiser" creates fake, hidden username and password fields on a webpage. The password manager sees them and if auto fill is turned on, will fill them for the "advertiser" to capture. Seems like a simple hack to create...
I literally have hundreds of passwords stored in my lastpass vault. Is there anyway to search for ones that may have autologin turned on?
You can edit entries in your vault to disable Auto-Login for that entry to ensure it does not log in automatically, or you can choose to require a master password reprompt so that you will have to enter you master password upon logging in to a site:
Sorry about that. Currently these is not a way to search or automatically organize vault entries by if they have Auto Login enabled, the process would need to be done manually for each item in the vault. I have passed this idea along to our developers, however, for consideration in future updates as this would be a good tool to have to better increase security.