Using LastPass without plugin?

By Bhav
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

Bhav

Posted
Posted

Hey, so I've started using LastPass and I'm in the process of updating passwords to randomly generated ones.

This is fine when I'm using my own computer, as the plugin is installed so all I need to remember is my master password.

But what's the solution if I'm using a different computer and can't install the plugin? (e.g. public computer, friend's computer etc)

Link to comment
https://www.neowin.net/forum/topic/985678-using-lastpass-without-plugin/
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

just access the lastpass website and you can access all your passwords.

you could also store passwords on thumbdrive, etc.

http://helpdesk.lastpass.com/lastpass-portable/

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

https://lastpass.com/support_faqs.php

AES utilizing 256-bit keys.AES-256 is accepted by the US Government for protecting TOP SECRET data. AES is implemented in JavaScript for the LastPass.com website, and in C++ for speed in the Internet Explorer and Firefox plug-ins. This is important because your sensitive data is always encrypted and decrypted locally on your computer before being synchronized. Your master password never leaves your computer and your key never leaves your computer. No one at LastPass (or anywhere else) can decrypt your data without you giving up your password (we will never ask you for it). Your key is created by taking a SHA-256 hash of your password. When you login, we make a hash of your username concatenated with your password, and that hash is what's sent to verify if you can download your encrypted data.

Your LastPass Master password and encryption key generated from it never leaves your computer - so you are the only person who can decrypt your data

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

passwords are never "displayed" in clear text. Unless you go into the interface and say show.

You can copy the usernames and passwords from the website from a public computer, or you could use a complete portable solution with say firefox on a usb and lastpass on the usb as well.

Grand Master

Bhav

Posted
  • Author
Posted
  On 28/03/2011 at 16:40, xWhiplash said:

So when you log in to it on a public computer without the plugin, are the passwords displayed in plain text? How does it work on public machines?

Yeah you're able to copy + paste without revealing the passwords themselves, though you can 'show' if you want (which is a little too easy to click for my liking, but it's ok)

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted
  On 27/03/2011 at 17:30, Bhav said:

Hey, so I've started using LastPass and I'm in the process of updating passwords to randomly generated ones.

This is fine when I'm using my own computer, as the plugin is installed so all I need to remember is my master password.

But what's the solution if I'm using a different computer and can't install the plugin? (e.g. public computer, friend's computer etc)

Ohhh interesting, didn't know it did this.

I'll have to go have a look at it, I assume there is a firefox extension? Yes I know pretty lame thing to ask when it takes a minute to look up, but I'm heading out in 5.

Grand Master

Bhav

Posted
  • Author
Posted
  On 28/03/2011 at 17:20, Audioboxer said:

Ohhh interesting, didn't know it did this.

I'll have to go have a look at it, I assume there is a firefox extension? Yes I know pretty lame thing to ask when it takes a minute to look up, but I'm heading out in 5.

Yeah if you just download the exe off the website, you can install plugins for Firefox, IE and Chrome in one go.

And the plugin itself has the random generator, with which you can specify number of characters, upper/lower case, numbers etc.

It usually detects that you're changing passwords too, so a little bar drops down offering to fill your current password and generate a new one. Pretty clever really.

There are lots of LastPass guides/tips you might want to google for, as they give a good idea of all its nifty features.

Grand Master

Bhav

Posted
  • Author
Posted

Hmm...maybe I'm wrong, looks like copy + pasting without revealing doesn't work, it just pastes the masked dots.

So yeah this seems like a bit of a weakness.

On the one hand, you can log into your lastpass account anywhere, create a bookmarklet and that will let you log into wherever you need.

On the other hand, if you log into your lastpass account, you can easily reveal your password by clicking "show"...which obviously shouldn't really be so simple.

I guess that's why the master password needs to be extremely strong.

(The bookmarklet also works on Android)

Edit: Oh! When you log into the lastpass website, you can just double click on the site you want to log into. So no need to go anywhere near revealing the password. You just double click, it takes you to the site and tries to log in.

http://forums.lastpass.com/viewtopic.php?f=12&t=114&start=0

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted
  On 28/03/2011 at 17:57, Bhav said:

Hmm...maybe I'm wrong, looks like copy + pasting without revealing doesn't work, it just pastes the masked dots.

So yeah this seems like a bit of a weakness.

On the one hand, you can log into your lastpass account anywhere, create a bookmarklet and that will let you log into wherever you need.

On the other hand, if you log into your lastpass account, you can easily reveal your password by clicking "show"...which obviously shouldn't really be so simple.

I guess that's why the master password needs to be extremely strong.

(The bookmarklet also works on Android)

Edit: Oh! When you log into the lastpass website, you can just double click on the site you want to log into. So no need to go anywhere near revealing the password. You just double click, it takes you to the site and tries to log in.

http://forums.lastpass.com/viewtopic.php?f=12&t=114&start=0

Awesome! I'm just back and was doing a bit of reading and it's good to see it'll be easy to use sites on other people's computers. I was a bit apprehensive to use generated passwords as there is NO chance I'm remembering them :laugh:

Grand Master

Bhav

Posted
  • Author
Posted
  On 28/03/2011 at 18:05, Audioboxer said:

Awesome! I'm just back and was going a bit of reading and it's good to see it'll be easy to use sites on other people's computers. I was a bit apprehensive to use generated passwords as there is NO chance I'm remembering them :laugh:

Yeah precisely, that was my apprehension too. But actually my using of firefox has changed very little because everything is just saved in a very similar way to the built-in password manager. The make-or-break will be whether or not it works smoothly when I'm using a different computer...which I'll test properly later.

Rising Star

TangoEight

Posted
Posted
  On 27/03/2011 at 17:33, BudMan said:

just access the lastpass website and you can access all your passwords.

you could also store passwords on thumbdrive, etc.

http://helpdesk.lastpass.com/lastpass-portable/

Have been using lastpass for a while now but never knew about this thanks :D

Grand Master

Bhav

Posted
  • Author
Posted

Ah damit.

So just went onto my brother's computer, which doesn't have the plugin installed.

Logged into lastpass.com, tried double clicking on a site in my list of logins, and it just opens up that entry and offers to show the password.

I guess that'll get the job done, but it's not ideal. So the most appropriate solution will be to use a bookmarklet (or the portable usb thing, which is too much hassle imo)

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted
  On 28/03/2011 at 18:08, Bhav said:

Yeah precisely, that was my apprehension too. But actually my using of firefox has changed very little because everything is just saved in a very similar way to the built-in password manager. The make-or-break will be whether or not it works smoothly when I'm using a different computer...which I'll test properly later.

When you're on another computer without lastpass and you login to your vault, double clicking or clicking visit URL does NOT automatically enter the password. You have to manually copy it which means clicking show.

edit: Just noticed your post above :p

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted
  On 28/03/2011 at 18:47, Bhav said:

Yeah, think I might post on the official forums, see if they have a solution (or at the very least, highlight that it's something they should look into).

Bookmarklets does the trick, the only thing is if you leave it as a bookmark on someones PC can they not just have a field trip with your passwords? Guess you just have to remember to log out of lastpass.com.

Grand Master

Bhav

Posted
  • Author
Posted
  On 28/03/2011 at 18:51, Audioboxer said:

Bookmarklets does the trick, the only thing is if you leave it as a bookmark on someones PC can they not just have a field trip with your passwords? Guess you just have to remember to log out of lastpass.com.

Yeah you need to log out. Again, not ideal.

It really would be the best solution if you could just double click!

Anyway, will see what they say over there.

http://forums.lastpass.com/viewtopic.php?f=12&t=65639

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted
  On 28/03/2011 at 18:56, Bhav said:

Yeah you need to log out. Again, not ideal.

It really would be the best solution if you could just double click!

Anyway, will see what they say over there.

http://forums.lastpass.com/viewtopic.php?f=12&t=65639

Look forward to seeing if there's any other solutions. I don't think they'll be able to get it working from double clicking - I think that only works for us as the plugin is installed. Don't think there will be a way to inject your username/password on a vanilla setup, hence why they have the bookmarklet option.

Grand Master

Bhav

Posted
  • Author
Posted

Hmm yeah you're probably right there...I'm guessing it's the whole local encryption/plugin combo.

Gah, well I guess the bookmarklet is workable in most situations I'm likely to come across...and perhaps a relatively small price to pay for security.

While I was reading up on this, it kinda dawned on me how poor my password set up was. I mean, if one crappy website/forum I'd signed up to revealed my email address and password, anyone would have access to my amazon, play.com, paypal etc. Would be a *slight* disaster :unsure:

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted
  On 28/03/2011 at 19:03, Bhav said:

Hmm yeah you're probably right there...I'm guessing it's the whole local encryption/plugin combo.

Gah, well I guess the bookmarklet is workable in most situations I'm likely to come across...and perhaps a relatively small price to pay for security.

While I was reading up on this, it kinda dawned on me how poor my password set up was. I mean, if one crappy website/forum I'd signed up to revealed my email address and password, anyone would have access to my amazon, play.com, paypal etc. Would be a *slight* disaster :unsure:

Same I used the same password for nearly everything, with a little bit of variation on some sites.

I guess the scare with lastpass though is if anyone gets THAT password you're royally ****ed :p

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

you can always recover the password, and since you would be using the password prob daily, if not multiple times a day - if you forget it you clearly are severely mentally challenged ;) And prob wouldn't know the difference between a computer and a etch-a-sketch anyway ;)

http://helpdesk.lastpass.com/account-recovery/

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted
  On 28/03/2011 at 19:49, BudMan said:

you can always recover the password, and since you would be using the password prob daily, if not multiple times a day - if you forget it you clearly are severely mentally challenged ;) And prob wouldn't know the difference between a computer and a etch-a-sketch anyway ;)

http://helpdesk.lastpass.com/account-recovery/

Me? I wasn't talking about forgetting my password, I meant if someone found it out :p

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Apple CarPlay to let you stream iPhone videos to your car screen

      By Sagar Naresh · Posted

      Apple CarPlay to let you stream iPhone videos to your car screen by Sagar Naresh Bhavsar In an official post for developers, Apple announced that CarPlay users will be able to watch iPhone videos on their car's display. This feature will be powered by Apple AirPlay, allowing users to stream videos wirelessly from their iPhones to their car's infotainment screen. For safety reasons, users will be able to enjoy videos on their car's display, but only when their vehicle is parked. Users won't be able to watch videos while the car is on the move. The connected iPhone will automatically detect when the car moves and will stop playing the video to avoid driver distraction. According to Apple, devs need to "integrate support for CarPlay with AirPlay video to enable this feature in your car." Carmakers will need to add support for CarPlay with AirPlay video to let users watch videos in their cars. So, this may take a while to roll out. Apple hasn't specifically mentioned whether it will be exclusive to the newly introduced and limited CarPlay Ultra, or standard CarPlay users will also be able to enjoy videos through AirPlay on their car's screen. Also, there is no clarity if existing models will get support via software update, or if it will be limited to newer models only. On the Android side, Google has also announced a bunch of new capabilities soon to be coming to Android Auto. The company has extended support for weather apps in beta for Android Auto and has confirmed that Android Auto will soon support video and browser apps as well. Image via Depositphotos
    • Rufus 4.8 brings performance boost for Windows ISOs

      By Nandiman · Posted

      For a moment there I thought it speeds up Windows installation, but alas...
    • PNY's DUO LINK V3 promises truly incredible speed for a USB flash drive

      By hellowalkman · Posted

      PNY's DUO LINK V3 promises truly incredible speed for a USB flash drive by Sayan Sen PNY today announced a new USB flash drive that blends modern design with high performance. The new DUO LINK™ V3 supports USB 3.2 Gen 2 and offers both Type-C and Type-A connectors. Housed in a metal shell with a matte black finish, the device is built for users who need reliable results when transferring and storing files. The drive is available in multiple storage sizes ranging from 256GB, all the way up to 2TB. According to PNY, the DUO LINK V3 is engineered to deliver read speeds of up to 1,000 MB/s and write speeds of up to 800 MB/s. These speeds are significantly higher than those achieved by standard USB 2.0 flash drives, allowing users to move large files. The product reminds us of the "Poxiao" flash memory we recently covered, which promises even more incredible speeds. The DUO LINK V3 flash drive’s design uses the common swivel mechanism with dual connectors. One side of the device features a USB Type-C connector, while the other side has a USB Type-A connector. This dual-connector system is intended to maximize compatibility, making the DUO LINK V3 useful across a broad range of devices, including smartphones, tablets, laptops, and desktop computers. Thus, in practical terms, users can easily manage files between newer mobile devices and traditional computers without needing extra adapters. Durability and ease of use are emphasized by the metal housing, which is designed to protect the drive during everyday handling. A built-in key loop further supports portability, an important factor for professionals who need to carry important data with them. The device also maintains backward compatibility with older USB standards such as USB 3.2 Gen 1, USB 3.0, and USB 2.0, ensuring that users will find it adaptable to many existing systems. The DUO LINK V3 flash drive is now available directly from PNY and through selected online marketplaces like Amazon. The pricing starts at $34.99 for the 256GB version and reaches $159.99 for the 2TB version. This release provides users with a tool that meets the growing demands of data-intensive work while remaining accessible to those needing a reliable and versatile storage solution. This article was generated with some help from AI and reviewed by an editor. As an Amazon Associate we earn from qualifying purchases.
    • Air India Ahmedabad-London flight crashes near airport in Meghani area

      By hellowalkman · Posted

      Message from Campbell Wilson, MD & CEO, Air India: https://www.instagram.com/airindia/reel/DKzZQUPhafx/
    • Elon Musk once again claims Tesla robotaxis are coming soon

      By AnalystDan · Posted

      I mean they have been proven to be safer than human drivers in many cases so at the end of the day they will be allowed on the road, the fact that you don't trust them doesn't mean that policy has to be changed to make you more comfortable I am afraid.

  • Recent Achievements

    • Week One Done
      fashionuae earned a badge
      Week One Done
    • One Month Later
      fashionuae earned a badge
      One Month Later
    • Week One Done
      elsafaacompany earned a badge
      Week One Done
    • Week One Done
      Yianis earned a badge
      Week One Done
    • Veteran
      Travesty went up a rank
      Veteran

  • Popular Contributors

    1. 1
      +primortal
      508
    2. 2
      ATLien_0
      263
    3. 3
      +FloatingFatMan
      193
    4. 4
      +Edouard
      174
    5. 5
      snowy owl
      125
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!