LastPass Forums

[TTQ225]

Hello,
I was wondering how LastPass really protects my passwords. From what I see, anybody who manages to login into my computer (it's always on, password protected) will suddenly have access to every site I use that was previously protected my a password. In other words, once I logged into the LastPass with my master password and let it run continuously, my computer is more vulnerable than before. Instead of cracking many passwords to get my protected information, the perpetrator needs to crack only one - the PC/laptop password.
Do I need to log out of LastPass every time I leave my laptop or PC unattended?
Thanks,
Efraim

[Lars]

Do I need to log out of LastPass every time I leave my laptop or PC unattended?

You pretty much answered your own question.

[jonat]

LastPass enables you to eliminate the biggest risk regarding passwords - you. More specifically, the human tendency to use "easy to remember" passwords and to reuse them on multiple sites. With LastPass, you can have a strong, different password for every site and if one gets compromised (by the site server being hacked, usually), your other accounts are not put at risk.

Yes, it does mean that if you leave your LastPass session open and others can access it, that can be bad. If you are in a situation where that is a risk, then indeed log out of LastPass when you think others might get access to your session.

[xmnj]

LastPass enables you to eliminate the biggest risk regarding passwords - you. More specifically, the human tendency to use "easy to remember" passwords and to reuse them on multiple sites. With LastPass, you can have a strong, different password for every site and if one gets compromised (by the site server being hacked, usually), your other accounts are not put at risk.

Yes, it does mean that if you leave your LastPass session open and others can access it, that can be bad. If you are in a situation where that is a risk, then indeed log out of LastPass when you think others might get access to your session.

And to also add, you can setup automatic logoff after a specific time period. In practice you should also lock your PC and have a good password on it.