written by: Pranav Thadeshwar•edited by: Bill Bunter•updated: 5/6/2010
Do you use multiple computers across various locations? Tired of remembering various randomly-generated passwords for all your websites? Need a secure place to store all your passwords and keep them easily accessible? I might have an answer, and it's called LastPass.
slide 1 of 7
LastPass is free password management application which ties into your web browser and offers a host of very useful features. In keeping with the theme of all new web-based applications these days, the application is linked to a cloud which will store your passwords in encrypted form. This will allow you to use multiple computers around the house or the World and have a synchronised password-database. Let's check out its features!
slide 2 of 7
Installation & Interface
The Installation screen is non-standard and contains big red-colored buttons and graphics. But since you only have to go through this step once on each computer, it's easy to let it slide for the functionality it offers. The interface is in the form of a browser plugin which is available for Mozilla Firefox and Internet Explorer, and a web-based management interface if you're on an untrusted system or cannot install plugins/extensions on that computer.
The interface offers a lot of choices for seemingly minor things. For people who want to just setup-and-go, this can get a bit frustrating. For people who love to configure each option according to their needs, this is heaven. For example, you have an option to set the timeout after which the clipboard will be cleared. It's one of those things which can go either way, and your mileage will definitely vary.
slide 3 of 7
Here is the feature list advertised by the LastPass people:
One Master Password
Automatic Form Filling
One Click Login
Multiple Browser Synchronization
Share Logins with Friends
Import Data from Various Sources
Export Data to Various Formats
Backup & Restore Data
Secure Password Generation
Universal Access through Browser Plugins and Web-Interface
LastPass Pocket for Portable Storage
OnScreen Keyboard to thwart Keyloggers
The ability to have a synchronized password database across computers is a very useful thing to have. Add to that, the password database will never leave your computer unencrypted. This means that the database uploaded to LastPass' servers for synchronization is already encrypted and there is no danger of anyone sniffing the transfer in between and getting your passwords. Automatic form-filling is a bonus but always be aware that you're handing out your personal data to a third-party, and while the company/group might have the best of intentions, it's not too smart to trust anyone with securing your personal data safely.
slide 4 of 7
Check out my review and experience with LastPass. I installed LastPass on my desktop and laptop which was running a dualboot configuration. Find out if LastPass is as good as it seems to be.
slide 5 of 7
In my time of using it, I've found LastPass to be very intuitive once it's up and installed. During the install, LastPass will scan your browsers for saved passwords and show them to you (prepare to be shocked at how easy it is for an application to see your browser passwords!). You can then choose to migrate these passwords to the LastPass database, which is what I did. After installation, LastPass will disable Firefox's built-in insecure password manager and set itself as the default password manager, watching for any new password entries and asking you if you want to save the details to the database.
It will also import your password data from multiple sources, including KeePass, RoboForm, Password Safe and so on. I successfully imported my password database from KeePass and migrated it to LastPass. Impressive!
I tried multiple-PC synchronization between my desktop running Mozilla Firefox and Windows XP, and my laptop running Mozilla Firefox and a dualboot configuration of Windows 7 RC and Gentoo Linux. Apart from having to install and setup the software multiple times, the synchronization was a breeze and worked well between browsers, computers and operating systems. The thing that pleased me most was that the unencrypted database never leaves your computers. Any and all synchronization happens with an encrypted file across computers.
The web-interface is full of AJAX which might look cool but is inherently useless on old browsers which might not support the browser plugin. This is one thing which I'm not too happy with, since I sometimes have to browse the Internet on a command-line interface with lynx. LastPass people, please take notice!
slide 6 of 7
So what is my opinion on LastPass after all this? I'm not going to beat around the bush here, the software is very very good. While I'm not going to be using all of its features (Automatic form filling, sharing logins), the application manages to fulfill a purpose better than other password managers available in the market today. It managed to import all my passwords, save them in an encrypted database and synchronize it across my computers and operating systems. I've already gotten used to Foxmarks/Xmarks which is a browser-bookmarks synchronization service and LastPass is one of those tools which will be used by me on every system. All you have to remember is one master password which will then unlock the database full of (hopefully!) randomly generated secure passwords for every website you're going to need authentication for.
All in all, a wonderful application for the great price of FREE!