For LastPass users, you already know how great this free service is. It’s the best way to keep your passwords secure. Today, I want to talk about another feature I heard about on the Steve Gibson Security Now Podcast.
One Time Passwords
Perhaps you’re traveling and have internet access on a public computer and you need to get something from your LastPass vault. Of course, you wouldn’t want to enter in your master password at a public site – there could be a keylogger on the machine for all you know.
With LastPass, you can generate your own One Time Passwords and print them out and put in your wallet. While at a public hotspot, enter in one of the numbers and wa-la, you’re in! Since it’s one time, that’s the only time that password will get access to your Password vault. You’ve gained access to your password list, and if a keylogger or other sniffer got your password, it’s of no use to them. If you’re then going to use LastPass to log on to one of your sites, I’m not sure if a keylogger can capture an autofill from LastPass or not.
There’s another use for this One Time Password that I feel is very useful.
In Case I Die
If you’re the person in your family who takes care of finances knows where the money, insurance and legal papers, etc. are and you use LastPass, here’s a great idea. Print out a few of the One Time Passwords and put in your Safe Deposit Box, leave it with your attorney or let your spouse/family member know where it is in case you pass away suddenly and perhaps aren’t totally prepared with all your documents. If you do this, be sure to write your email address on the paper too because you need both in order to log into LastPass.
First, you need to be at a trusted, and most likely, your home computer. Log into LastPass and go to http://helpdesk.lastpass.com/security-options/one-time-passwords/. I found this under Support and then clicked on the One Time Passwords link.
Then you’ll be taken to a page that explains how to generate one or more passwords for your site.
Using a One-Time Password
When you need to use your One Time Password, just go to lastpass.com and you’ll see the one-time password area – click on that and you’ll enter in your email and password on another page – it won’t work on the regular sign in page. Complete your sign-in using one of the passwords you’ve generated and you’re in!
If you still aren’t using LastPass, the free service is great and fits most people’s needs. It has saved me much in time and frustration trying to locate and remember my passwords.