LastPass November 2014 Your Online Identity · LastPass is not intelligent, itÕs just a program,...
6
LastPass November 2014 First Parish in Wayland - Community Life - www.uuwayland.com Your Online Identity Your username and password are a set of keys that allow you to access your online profiles. e username is assumed to be public while your password is assumed to be private. is username–password combination is the modern version of what used to be your name and signature (it’s not practical to use signatures as a proof of identity online.) On most web site you will build an account or profile that includes at least a username and password. Additional information such as your name, mailing address, purchase history, and credit card number may be elements of the account. For most accounts your username is same as your email address (something everyone knows) and your password (the private piece known only to you) is created by you. Web sites vary widely on the rules for developing a password, which ranges from no criteria at all to a complex set of requirements of how to create a password. ink of your username–password combination as an identity set. Security - e Why We wish we could rely on the firms that operate the web sites we use to keep our username and password identity set secure, but that is wishful thinking. So we have to act on the assumption that our identity set will be exposed, which means that all the care we put into creating a good password and keeping it private is vulnerable exposure. e only solution available to us is to minimize the consequences of when our identity set is exposed. We reduce exposure by using a different password with each firm’s web site so if an account is compromised, they bad guys can’t use the stolen information is access another web site. Security - e Solution A password manager is a soſtware program that stores all of your username-password identity sets in an encrypted format. e password manager maintains the identity set based on the URL (a firm’s a web site address) so when you visit a site the password management program is ready to offer the unique identity set you have built for that particular site. Because the password manager is always available you can rely on it to “remember” all of the unique username-passwords identity sets you use.
Transcript of LastPass November 2014 Your Online Identity · LastPass is not intelligent, itÕs just a program,...
LastPass November 2014
First Parish in Wayland - Community Life - www.uuwayland.com
Your Online IdentityYour username and password are a set of keys that allow you to access your online profiles. The username is assumed to be public while your password is assumed to be private. This username–password combination is the modern version of what used to be your name and signature (it’s not practical to use signatures as a proof of identity online.)
On most web site you will build an account or profile that includes at least a username and password. Additional information such as your name, mailing address, purchase history, and credit card number may be elements of the account.
For most accounts your username is same as your email address (something everyone knows) and your password (the private piece known only to you) is created by you. Web sites vary widely on the rules for developing a password, which ranges from no criteria at all to a complex set of requirements of how to create a password. Think of your username–password combination as an identity set.
Security - The WhyWe wish we could rely on the firms that operate the web sites we use to keep our username and password identity set secure, but that is wishful thinking. So we have to act on the assumption that our identity set will be exposed, which means that all the care we put into creating a good password and keeping it private is vulnerable exposure.
The only solution available to us is to minimize the consequences of when our identity set is exposed. We reduce exposure by using a different password with each firm’s web site so if an account is compromised, they bad guys can’t use the stolen information is access another web site.
Security - The SolutionA password manager is a software program that stores all of your username-password identity sets in an encrypted format. The password manager maintains the identity set based on the URL (a firm’s a web site address) so when you visit a site the password management program is ready to offer the unique identity set you have built for that particular site.
Because the password manager is always available you can rely on it to “remember” all of the unique username-passwords identity sets you use.
LastPass November 2014
First Parish in Wayland - Community Life - www.uuwayland.com
Using LastPass on a “new” web site–a site not in your password vault. These steps show how create an account at Nordstrom.com and add the username-password set information to LastPass at the same time.
The asterisk indicates LastPass is aware this is form for entering a user name and password.
The rectangle indicates LastPass is aware of the form for entering a profile.
Click on the Form Fill icon to bring up a pop-up window with a list of pre-made form data.
The lock encircled by an arrow indicates LastPass is ready to generate a new password.
This will be a personal account at Nordstrom so you will select your “home” or “personal” profile.
Setting up a New Web Site
When you view the login page at the Nordstrom site LastPass reads the web site and inserts icons in the form’s input windows. The icons vary depending on how LastPass interprets the form.
Because you do not have an account at Nordstrom.com, you will fill out the form for a New Customer.
LastPass November 2014
First Parish in Wayland - Community Life - www.uuwayland.com
After selecting the profile LastPass enters your personal information into the web site from. LastPass is not intelligent, it’s just a program, so review the information and change any data that is incorrect. The information you send to Nordstrom is yours to control. Now you will use LastPass to create a password.
Click on the arrow-encircled lock to generate a new password.
LastPass generates a password and displays it in a pop-up window.
Here you can see the suggested password based on the default settings. From this pop-up you can generate another password, change the password length or change all other attributes by clicking on the “Show Advanced Options” button.If you like the suggested password, click the “Use Password” button.
LastPass November 2014
First Parish in Wayland - Community Life - www.uuwayland.com
LastPass fills in the new password here. A pop-up window offers a button to “Save Site”, which you will push.
LastPass fills in the password again here.
Clicking on the “Save Site” in the dialog box above opens a new larger box that displays more of the information you’re about to save. LastPass suggests a “Group” for this site. Here it suggests “Shopping”, which can be changed.
Click on the “Save Site” (again) and the information will be added to your vault. After you save the site in LastPass, press “Create an Account” on the Nordstrom web site.
Now we need to add this site along with the username and password to the LastPass program (the vault.) After you save the site in LastPass, the last step is to click the web site’s “safe” button–in this case Nordstrom.com labeled the button, “Create an Account”.
LastPass November 2014
First Parish in Wayland - Community Life - www.uuwayland.com
You have now created an account at Nordstrom.com as well as saved the login information in your LastPass vault. Now look at the information LastPass has stored in the vault.
The URL field is the actual web page that LastPass will go to in the future. The URL address is often complex because it accesses the site’s background database.
The Name field is the name you will see when the site is listed in your vault. You can change this name at will.
The Folder field shows the name that LastPass suggests your file the site. You can change this folder at will.
The Username field displays your username.
The Password field defaults to showing the hidden dots. Click on the eye icon to display the password.
The Notes field is for your personal notes. This field is only viewable to you, not ever sent to the site.
Favorite - Puts this site into the favorites folder.
Require Password Reprompt - Good for added protection of financial data, e.g., your credit cards.
AutoLogin - Use for site when you have only one identity, making the login process faster with one less click.
LastPass November 2014
First Parish in Wayland - Community Life - www.uuwayland.com
Once a site is built in LastPass you are ready to benefit from the password management work you have done. You can go to a site either directly or you can use the vault inside of LastPass. Either way, once LastPass recognizes that you are at a site it knows, the program will display the login option icon with a number. The number represents the number of identities that this particular URL (web site) has in your vault. For most sites this number will be one.
LastPass is ready to fill in the form and shows it has one identity ready to use. If you had selected AutoLogin for this site, this screen would show briefly and the site would bring you to the next page.
When you click on the asterisk, LastPass displays the username it has in the vault. Verify your selection and LastPass will fill in the username and password identity set.
LastPass fills in the form and you are set to sign in.
