LastPass

LastPass is a secure password management tool that can store passwords in an encrypted environment. LastPass is available on desktop/laptop computers in the form of a browser extension or Application that can be installed from the Mac App Store or Windows 10 App Store. On mobile devices, LastPass is available as an app which can be downloaded for free from the Apple App Store or Google Play Store.

What is LastPass
How to obtain LastPass (if you do not already have a personal LastPass account)

1. Visit the Princeton LastPass Portal at:  https://lastpass.com/princeton.

2. Enter your Princeton email address, as well as a personal email address, and click SubmitPrinceton will not have access to any of the information stored in your personal account. Your @princeton.edu email address is required at this step only so that LastPass can confirm your status as a PU student, faculty, or staff.

LastPass Premium webpage

 

3. Next, you will see a “congratulations” notification:

LastPass Congratulations - Upgraded Account

 

4. You will then receive a confirmation email in your Princeton University email inbox. Click the Create My Account link.

LastPass Create My Account Email

 

5. On the Create an Account page, enter a New Master Password* and Confirm Your Master Password.  It’s also recommended that you enter a password ReminderClick Create My Account. *Remember to make it a good, memorable password, as it will protect all your other passwords!

LastPass Create My Account Dialog Box

 

6. Click Confirm to redeem a free upgrade to LastPass personal Premium for your account.

Redeem LastPass Premium

 

7. You should see a notification that your account has been updated:

Welcome to LastPass - Install Browser Extension

 

8. LastPass works as an extension of your browser to keep your passwords in a secure and encrypted environment. If the browser extension* is not already installed, install it.  Here is what the LastPass browser extension looks like:

LastPass Browser Extension

*Please note that the preferred browsers to use with LastPass are:  Chrome, Firefox, and Edge.  Internet Explorer for Windows and Safari for Macs are NOT recommended.

 

9. You are ready to use LastPass!  Click on the browser extensionEnter your Email, Master Password, and click Log In.

How to obtain LastPass (if you already have a LastPass account)

1. Visit the Princeton LastPass Portal at:  https://lastpass.com/princeton.

2. Enter your Princeton email address, as well as a personal email address, and click Submit. This way, we can guarantee you receive the Premium version. If you already have the Premium version, one additional year of free Premium will be added to your account.

LastPass Premium webpage

 

3. You will then receive a confirmation email in your PU email inbox. Click the Upgrade My Account link. LastPass upgrade my account email

 

4. On the Activate Your Account screen click Log In.

LastPass Activate my Account

 

5. Login to LastPass with your existing personal account credentials.  Enter your personal Email, Password, and click Log In.

Login to Access LastPass

 

6. You will be prompted for Duo multifactor authentication.  Select your preferred authentication method.

LastPass Multifactor Prompt

 

7.  Click Confirm to redeem LastPass Premium.

8.  You will see that your account status has been updated. If you have not already done so, download the LastPass browser extensions.

LastPass works as an extension of your browser to keep your passwords in a secure and encrypted environment. Download the extension for your browser. You can also download the LastPass mobile app to your mobile device to keep your passwords secure on the go. Visit your device’s app store to download the app. Welcome to LastPass!

 

9.  Congratulations!  You now have upgraded your personal account to LastPass Premium.  You can check your account type by going to the browser extension and clicking on Account Settings. Here you can view your account type (it should read “LastPass Premium User” and the account expiration date).

LastPass Account Settings

 

LastPass Account Information

LastPass FAQs
Can LastPass or Princeton see my data?

No. Your information is available to you and only you. LastPass vaults are encrypted with bank-level, AES 256-bit encryption. LastPass does not have a key to unlock your encrypted data.

Can I import data from a different password manager?

Yes. Instructions on how to import data are available on the LastPass website.

What happens if I already have a personal LastPass account?

If you already have a personal LastPass account associated with a personal email address, you are entitled to upgrade to the Premium version at no cost. The Premium and Enterprise accounts may be linked, so you can access your personal account in the same view as your Enterprise account. The accounts are not joined, but are viewable in the same window. If you already have a paid-for, personal Premium LastPass account, one additional year of Premium will be added to your account for free.

Is LastPass mandatory?

The use of LastPass is not mandatory but is highly recommended by the Information Security Office.

What if I forget my master password?

If cannot remember your Master Password, visit https://lastpass.com/forgot.php to enter your email and have your password hint sent to you. The information that LastPass will email you is only what you entered as your password hint when you registered your Master Password. Neither LastPass nor Princeton has access to your Master Password. LastPass cannot send you more than your password hint. If the hint does not enable you to remember your you may need to initiate the Account Recovery process.

What if I already have a LastPass account associated with my Princeton email address?

If you already have a LastPass account associated with your Princeton email address, please continue with activating your Princeton Enterprise LastPass account. Once your account is associated with Princeton’s Enterprise services, please proceed with activating a personal LastPass account with a non-Princeton email address. University-related passwords should be stored in the Enterprise account, and personal passwords should be stored in the personal Premium account. You can link these two accounts together and migrate any personal account information from your University account to your new personal account. Visit the LastPass website for instructions on how to migrate the data.

Can Princeton see my personal passwords?

No, the passwords stored in your personal account are only visible by you. Princeton nor LastPass can see them.

What happens when I leave Princeton?

When you leave Princeton, you will no longer have access to the passwords stored in your Enterprise account, and your personal Premium account will be unlinked from your Enterprise account. You will continue to have access to the contents of your personal Premium vault.

How can I use both my Enterprise and personal Premium accounts at the same time?

Within the LastPass browser extension, you have the option to link your personal Premium account to your Enterprise account. This does not merge the accounts, but instead makes your personal vault visible within your Enterprise vault. If you login with your personal account Master Password, you will only see your personal account information. If you login with your Enterprise Master Password, you will see your Enterprise account information, as well as another section containing your personal account information. For more information on linking accounts, visit the LastPass website.

Where do I get the browser extension?

The browser extension can be downloaded from the LastPass website. Please note that the preferred browsers to use with LastPass are: Chrome, Firefox, and Edge. Internet Explorer for Windows and Safari for Macs are NOT recommended.

What kind of encryption is used and where?

LastPass encrypts user data with the trusted algorithm Advanced Encryption Standard (AES) in Cipher Block Chaining (CBC) mode with a 256-bit key generated from each user’s master password. The AES 256-bit algorithm is widely-accepted as impenetrable and is the same military-grade encryption used by banks and the US military to secure Top Secret data. The encrypted user data is transported to LastPass servers using TLS.

Can I share passwords with other users in my organization?

Yes, you can create folders of passwords to share with other users in your organization.

Can I use it with my phone?

Yes, LastPass supports every major smartphone and tablet, including Android, iOS, BlackBerry, and Windows Mobile devices. More information is available here: https://helpdesk.lastpass.com/lastpass-mobile/