LastPass Enterprise is a UW CISO approved browser-based password management tool. A password manager remembers your passwords for you, allowing you to choose unique, complex passwords for each of your logins. LastPass Enterprise also allows you to link your LastPass Personal account, allowing you to enter both your UW and Personal logins from the same interface, while keeping them separate. Additionally, teams can set up password sharing folders, to share passwords securely. All Managed Workstation customers are eligible to use LastPass Enterprise.
All UW Employees are eligible to request a LastPass Enterprise account.
Access to the UW’s Enterprise LastPass instance is organizational group-based. An organizational group will first need to have an eligibility group created. More information on creating that group can be found here.
Enrolling in LastPass
Once the steps for activating an eligibility group have been completed, users in that eligibility group can on-board themselves by adding their netid to https://groups.uw.edu/group/u_passman_users_requested in the Groups Service (click on ‘Join this group’). This results in an email that has a time-limited invitation to create their LastPass account. Because the invitation is time-limited, each user should know to expect the email and act on it.
UW Duo MFA is currently enabled on all LastPass accounts. This account controls access to passwords that likely can get to your most sensitive data–it deserves additional protection. Lastpass also supports a wide-variety of other multifactor options.
LastPass provides several methods to recover or reset your master password. It’s very important to note that you must setup these methods before you forget your password. UW LastPass administrators cannot reset your password and have no access to any of your saved passwords.
Use Mobile Account Recovery for iOS or Android
The easiest and most reliable way of resetting your password, regardless of how you typically use LastPass (desktop app, web browser extension, mobile app), is to install the LastPass App on your smartphone. Then, after logging in to the app on the phone, turn on Touch ID/Fingerprint or Face ID authentication. You can then use mobile account recovery for iOS or Android, allowing you to reset your Master Password using biometrics.
Use SMS Recovery to Reset a Forgotten Master Password
This recovery method requires that you have already set up SMS recovery before you forget your Master Password (LastPass has instructions here). This recovery option also requires a valid Recovery One Time Password, which is created when you log in to the LastPass web browser extension on your desktop and have not cleared your cache.
- Navigate to https://lastpass.com/recover.php, enter your email address, then click Continue.
- The system texts your phone a numeric code. Enter this code into your browser, and click Verify.
- Click Click to Recover Account.
- If prompted, complete steps for Multifactor Authentication (if it is enabled on your account).
- When the next window appears advising that Account Recovery has been detected and that you must immediately change your password, click OK to proceed.
- Enter a new Master Password and confirm, then enter Master Password hint (optional but recommended).
- Click Confirm.
- When prompted with a message that your password has changed and advising you to log out manually (if you are not automatically logged out), click OK to proceed.
- Once you have been logged off of LastPass, you can log back in again using your new Master Password.
To begin, click on the LastPass Icon, click the More Options on the drop-down menu and click Advanced, then Import. You will then be shown a web page with a drop down menu for every password manager format that LastPass supports. Most importing is automatic, though some may require additional steps. If you find yourself stuck, LastPass offers a detailed password importing guide.
LastPass Enterprise users can link their Personal LastPass Accounts with their Enterprise Accounts. This enables users to access their personal LastPass entries while using their Enterprise Account, all while keeping the two accounts separate. UW LastPass administrators have no access to any of your saved passwords, personal or enterprise.
To set up a Linked Personal Account, log in to the LastPass browser extension with your Enterprise credentials. Go to the LastPass Plug-In Icon -> My LastPass Vault, and click on the “Link Personal Account” link on the left-hand actions menu. Follow the prompts. If you get stuck or would like instructions on how to unlink your accounts, visit the LastPass Help center.
When your affiliation with the UW comes to an end, your eligibility for a LastPass Enterprise account will also end. This means that your account will be disabled then deleted, and you will no longer have access to the passwords you’ve stored.
If you have passwords or secrets that are not related to the UW, you should store those in a LastPass personal account. These will survive any future affiliation change and loss of your UW LastPass Enterprise account. As mentioned above, you can link your LastPass personal account to your LastPass enterprise account, so you can conveniently use LastPass for both kinds of passwords.
Your eligibility for a UW LastPass Enterprise account is tied to your eligibility for Managed Workstation. The contacts for your MWS customer account provide an eligibility group which informs Managed Workstation that you are eligible. When you are removed from that group, you will lose eligibility for your UW LastPass account.
If your team decides to stop using LastPass you can export your passwords for use in another password manager. To do so go to your LastPass Icon > More Options > Advanced > Export. This will export your usernames and passwords to a .csv file.
Note: this file will be unencrypted plaintext, so we strongly recommend that you don’t e-mail this file or place it on any server. Protect this file like you would your most confidential and sensitive data.