"Use a PIN code" for browser plug-ins and keyboard concerns

Tell us what features would make LastPass even better and vote for features that are most important to you

Moderators: admin, anatoly_LP, chantieLP, JoeSiegrist, robyn

Re: "Use a PIN code" for browser plug-ins and keyboard conce

Postby martyl1000 » Thu Jun 16, 2016 9:55 am

I'd find this really useful, too.

Thanks.
martyl1000
 
Posts: 1
Joined: Mon Jun 22, 2015 12:53 pm

Re: "Use a PIN code" for browser plug-ins and keyboard conce

Postby Taijutsu » Thu Jun 30, 2016 12:50 pm

+1 on this feature.

Have it work just like the mobile. The expectation are the same and actually you could make the case that a laptop is more vulnerable than a phone. A modern phone will implement file encryption and be able to safely secure the device. A laptop is generally not encrypted, mileage varies, but generally not.

A phone you generally keep in your pocket where a laptop you are more likely to step away and leave open. I know you could argue lock screen but physical access to a computer could be compromised more easily.

I would say this is my #1 feature request because I can see how easily my stuff could be leaked out.
Taijutsu
 
Posts: 1
Joined: Wed Mar 05, 2014 2:40 pm

Re: "Use a PIN code" for browser plug-ins and keyboard conce

Postby jpenny84 » Thu Jun 30, 2016 3:04 pm

Taijutsu Wrote:+1 on this feature.

Have it work just like the mobile. The expectation are the same and actually you could make the case that a laptop is more vulnerable than a phone. A modern phone will implement file encryption and be able to safely secure the device. A laptop is generally not encrypted, mileage varies, but generally not.

A phone you generally keep in your pocket where a laptop you are more likely to step away and leave open. I know you could argue lock screen but physical access to a computer could be compromised more easily.

I would say this is my #1 feature request because I can see how easily my stuff could be leaked out.


A low entropy PIN code is not an ideal security feature. PIN codes on mobile devices are an option primarily due to screen based soft keyboards.

You can set your session to time out automatically if someone gaining access to a computer is a concern: https://lastpass.com/support.php?cmd=showfaq&id=153
jpenny84
 
Posts: 6744
Joined: Tue Mar 06, 2012 9:10 pm

Re: "Use a PIN code" for browser plug-ins and keyboard conce

Postby josh219 » Thu Jan 26, 2017 11:39 pm

I would like to have the OPTION(=CHOICE) for using a PIN also. I am a paying customer and this is a feature that I want. I'm not paying for someone else to force their philosophy on me. Come on guys, this can't be very difficult to actually implement. Why can't you trust your users to make the right decisions for THEIR own security. Get over yourselves and listen to you customers or you'll find that they leave you for another vendor that does.
josh219
 
Posts: 1
Joined: Thu Jan 26, 2017 11:35 pm

Re: "Use a PIN code" for browser plug-ins and keyboard conce

Postby paultparker » Wed Feb 15, 2017 8:29 pm

Long-time Premium user here. I have to say this is the first thing that has made me seriously consider leaving LastPass. Since there is no PIN option and my master password is far too long and complex to type all the time, I have to leave some computers with LastPass simply permanently enabled. Is that really more secure?? I rather don't think so. Or I guess I could downgrade the strength of my master password. Also a significant security loss.

It is well-established that security that is not usable is not security at all. Users will simply not use it. For example, by never logging out.
paultparker
 
Posts: 3
Joined: Wed Oct 12, 2011 3:09 pm

Re: "Use a PIN code" for browser plug-ins and keyboard conce

Postby user290 » Tue Mar 14, 2017 1:45 pm

I also agree that this would an excellent addition. I agree that the choice is either, leave your DB unlocked all the time, or key in your, (should be) long passphrase every time. This is tedious and time consuming for those of us who have complex pass phrases. A PIN, after a notification of the trade off, would be a good compromise.
user290
 
Posts: 2
Joined: Tue Mar 14, 2017 1:43 pm

Re: "Use a PIN code" for browser plug-ins and keyboard conce

Postby user290 » Tue Mar 14, 2017 1:48 pm

paultparker Wrote:Long-time Premium user here. I have to say this is the first thing that has made me seriously consider leaving LastPass. Since there is no PIN option and my master password is far too long and complex to type all the time, I have to leave some computers with LastPass simply permanently enabled. Is that really more secure?? I rather don't think so. Or I guess I could downgrade the strength of my master password. Also a significant security loss.

It is well-established that security that is not usable is not security at all. Users will simply not use it. For example, by never logging out.


Exactly! I'm a Premium user as well. It seems that there are several of us who would like this feature. Seems like it would be easy enough to implement. They should just enable it already and display whatever notices they feel are necessary to remove their perceived liability.
user290
 
Posts: 2
Joined: Tue Mar 14, 2017 1:43 pm

Previous

Return to Feature Requests

Who is online

Users browsing this forum: No registered users and 15 guests