February 2024, Tool Spotlight

Tool Spotlight: LastPass

illustrated image of a computer and phone with password locks and checks

Recently, Clark University has partnered with LastPass, a password management application, to help students, staff, and faculty on campus protect their passwords and keep their accounts secure. There are multiple ways to access LastPass on your device or phone for ease of use.  

Why should I use LastPass?

We’re often told to create strong, complicated passwords and avoid reusing the same ones for different sites and apps in order to make our online lives more secure. Since most of us have so many accounts for different purposes, however, it can be difficult to create and remember so many passwords. 

Fortunately, LastPass can store all your passwords securely, so you don’t have to worry about remembering them. This allows you to use unique, strong passwords for all your important accounts (rather than using the same password for all of them, which you should never do). 

In addition, many password managers are helpful because they can: 

  • synchronize your passwords across your different devices, making it easier to log on, wherever you are, and whatever you’re using 
  • help spot fake websites, which will protect you from phishing attacks 
  • let you know if you’re re-using the same password across different accounts 
  • notify you if your password appears within a known data breach so you know if you need to change it 
  • work across platforms, so you could (for example) use a single password manager that would work for your iPhone and your Windows desktop 

How secure is LastPass?

Clark’s implementation of LastPass has been designed to maximize the level of security, to the highest possible. Multiple departments, including ITS, rely on LastPass to protect credentials. The combination of LastPass and its integration with your existing Clark credentials in Microsoft, required password complexity, and multifactor authentication offers enhanced security of your content within LastPass. This architecture requires both LastPass and Microsoft be compromised to access our Vaults.   

Is there a difference between letting my browser save my passwords and letting LastPass save them? 

Yes. Because “very few people ever log out of their browser profile,” passwords stored in your internet browser such as Chrome, Safari, or Firefox are left “decrypted and available” most of the time, according to LastPass employee Amber Steel. With a password manager, “encryption and decryption happen locally on the device” and therefore provide an extra layer of security.  

How can I learn more?

Click here to check out the Lastpass page on the ITS website!