As an active internet user I’m a member of ~50+ sites and forums that require registration. Below are just some sites I use:

• facebook.com
• rapidshare.com
• drupal.org
• slickdeals.com
• peugeot-cc.com
• linkedin.com
• suomi.ru
• vkontakte.ru
• animesector.ru
• vkontakte.ru

Every site requires unique login/password combination. In addition passwords must be strong, containing mix of characters and numbers ( like “56hfty78kl9” ) to make it difficult to guess. 

Tell me, can you remember 50+ logins and strong passwords? I can’t! 

My approach was simple: I used same login to register to all sites plus I used  one of 2 strong passwords I remembered. This worked well but  this approach has heavy flaws:

1. If one of the sites I use get hacked and my strong password get stolen it could be used for many other sites where I have a registration.
2. I configured Firefox internet browser to remember passwords for some often used sites. It is handy but dangerous at the same time. Unfortunately, Firefox doesn’t protect stored passwords well enough and anyone who has access to my computer can get access to all stored passwords.

At some point I decided I want to manage my passwords somehow. Requirements were simple:

1. all passwords must be strong and different from each other.
2. login/passwords information must be encrypted so no one can get easy access to it.
3. I must have secure access to login/passwords from any computers and from mobile phone.
4. Solution must be free of charge.
5. No need need to remember all those passwords!

LastPASS – the savior?

I read several reviews of password management tools and decided to try www.lastpass.com .  It got good reviews scores. Does it fulfill my requirements?

LastPASS provides an encrypted internet vault where you store all your password protected by one master password. You need to remember only one master password to get access to all stored passwords from any device with internet access. LastPASS means last password to remember. Let’s see whether LastPASS fulfills my requirements.

Requirement 1:

all passwords must be strong and different from each other.

LastPASS can store all kind of strong passwords.  It has strong password generator to help generate secure passwords when you register on any websites. GOOD FOR ME!

Requirement 2:

login/passwords information must be encrypted so no one can get easy access to it.

LastPASS stores all passwords on its servers in encrypted format. Passwords can be decrypted only using master password. LastPASS claims it employees have no access to your passwords since they do not know master password needed for vault decryption. GOOD FOR ME!

Requirement 3:

I must have secure access to login/passwords from any computers and from mobile phone.

LastPASS gives you access to the encrypted vault via internet browser using your master password. Additionally it’s provides applications for most popular mobile phones platforms like iPhone, Symbian etc. GOOD FOR ME!

Requirement 4:

Solution must be free of charge.

LastPASS is free to use on any computer. GOOD FOR ME!

How do they make money then? First , you need to pay 1 euro/months to use LastPASS from mobile phone (at the moment when I’m writing this post). I’m more then willing to pay 12 Euro per year to access well managed passwords from mobile phone.  Second, I think they also offer LastPASS for companies and I’m not sure is it free for the business. May be not.

Requirement 5:

No need need to remember all those passwords.

You need to remember only one master password to LastPASS vault. All other passwords LastPASS remember for you. GOOD FOR ME!

LastPASS fulfills all my requirements. Good ?! There is one huge concern I have regarding storing all passwords in one place.

Concern: What if your master password got stolen?

If this happens hacker:

• gets access to your LastPASS secure vault
• gets  list of all sites where you have a registration
• gets all login/passwords for those sites

Defining the way I use LastPASS I took this concern into account. May be I’m too paranoiac?

LastPASS – my approach

After 1 months usage - I'm absolutely IN LOVE with LastPASS! It is a great tool for password management !

I split my passwords into 2 categories – Important passwords and Whatever passwords taking into account my concern above:

• Important – if I loose these passwords I will loose money or expensive assets.
  • Gmail.com
  • PayPal.com
  • bluehost.com

• Whatever – if I loose these passwords I will not loose money or expensive assets.
  • facebook.com
  • odnoklassniki.ru
  • dpreview.com
  • linkedin.com
  • eBay.com
  • + other 40 sites where I have registration

I have  3 Important vs. 45+ Whatever sites. MY APPROACH:  I use LastPass to generate, store and manage passwords for 45+ Whatever sites. It is 45+ different strong passwords less to remember! Cool!   For 3 Important sites I still remember passwords myself and do not store them in  LastPASS.

LastPASS – everyday use

Upon installation LastPASS will collect all password internet browsers stored on your computer and will store them into secure vault. You will be surprised how unsecure your passwords have been before. Trust me! Then you need to decide on master password  to access LastPASS passwords vault. This is the only password you will need to remember to access sites stored in the vault! This is how LastPASS vault looks like:

I installed LastPASS plug-in for Firefox that automatically log me in into all sites I have stored in the secure password vault. So, I do not need to check vault every time i need a password for the site. Plug-in does it for me. Below are several LastPASS use cases:

Use Case 1: You need to register to a new site

When you open registration form LastPASS proposes you to generate random strong password using combination of characters, numbers etc. When it is done LastPASS automatically fill out sites password fields with generated password. After registration LastPASS offers you to store this site into you password vault.

Use Case 2: You want to login to site where you already registered

• If site is not stored in the LastPASS password vault upon firs log in LastPASS will offer you to store site into the vault.
• If site is in the vault already LastPASS will offer you automatic login into the site.

Use Case 3: You want to change password on the site

LastPASS will offer you to fill previous password and to generate new password automatically. When it is done LastPASS will automatically store new password information in you password vault.

Conclusion:

LastPASS is a solid tool for password management. Now it has one more happy user – me :) There are many other handy features LastPASS offers for you like automatic forms filling etc. Try it out – you will not regret.

Cheers, Alexei

If you like material presented on this site , please SUBSCRIBE to be informed about new blog posts!