tb582 Wrote:2015-02-18 10:18
You LastPass really needs to implment support for URL rules for subdomains ie using LDAP I sign in to alot of sites with the same creds. Would be a great feature to say abc.com, xyz.com abc.asf.com, all use the same login
Thank you for the feedback, we have a feature request in for this option and it is currently with the development team for review. If you know of other Lastpass users that would like to see this functionality added, please have them contact us so that we can more effectively gauge customer interest in this feature.
Emphatic upvote on this feature. I have three main passwords, two are Active Directory and one is specific to SAP (but other sites authenticate with it as well). Fictionalized examples:
docs.company.com - AD 1 (DOMAIN\username)
monitoring.subdomain.company.com - AD 1 (*just* the username with AD 1's password)
http://www.companyalternatedomain.com - AD 1 (firstname.lastname@example.org with AD 1's password)
intranet.company.com - SAP credentials
id.company.com - SAP credentials
cmdb.subdomain.my-co.com - AD 2 (DOMAIN\username)
sitemonitor.my-other-co.com - AD 2 (*just* the username with AD 1's password)
There is no way to tell from the domain or the rest of the URL which of the three sets of credentials are needed, and as you see the username can be variable too (with or without the DOMAIN\ prefix, or even the user's email address).
I'd love to see a single site entry for each of the sets of credentials, but with the ability to enter multiple URLs. Or perhaps easier, one record for each site, but with the ability to link to information in another record instead of including it in each individual record. For instance, I could set up an AD 1 "master" record for that particular set of credentials, and then in each site's record instead of storing the password I could link it to the password in the AD 1 record. And I could choose to link the username field as well, or enter it manually to support sites with different username formats.
However it's implemented, I'd want to only have to update one LastPass record whenever I change my single sign-on passwords... and my security challenge score should not be negatively impacted by having multiple sites using the same password (since it's truly a unique password for a single authentication source).