LastPass - Can I Use My LastPass Enterprise Vault to Store My NetID Credentials? Should I?

1Password is replacing LastPass as UW-Madison's supported Password Manager. 1Password was selected for its intuitive user-friendly interface, robust set of features, and excellent track record in safeguarding sensitive data.
Current LastPass users are being invited to 1Password starting in December 2024. LastPass will remain active until May 2025. For more information and updates, refer to the transition FAQ: 1Password - LastPass Transition FAQs


Using LastPass Enterprise to store your NetID Login credentials is recommended and encouraged

If Your Vault is Protected with Master Password Login

If you’re using Master Password Login, yes, you can and you should store your NetID credentials in your LastPass Enterprise Vault. Once stored in your Vault, your NetID credentials will benefit from the same features as your other stored credentials: security, management, and autofill capabilities. However, it is important to keep in mind that you will still need to know your NetID credentials for some login purposes. 


Please Note: LastPass Enterprise has policies enabled that prevent your Master Password from being the same as your NetID Login password. We recommend following best practices for creating strong,unique passwords.

If Your Vault is Protected with NetID Login

If your vault is protected using NetID Login, you are still able to and encouraged to store your NetID credentials in your LastPass Enterprise Vault. If you are concerned that this is against best practices, consider the following:

  • A Single Sign On (SSO) password is not a “Master Password” in the sense that LastPass characterizes it, and can be expected to be stored for use with other services in any enterprise SSO scenario.

  • You already need to know your NetID password, and will need to continue to know it for other uses even with the adoption of LastPass Enterprise.

  • LastPass Enterprise is designed to protect NetID passwords by facilitating good password practices for other, non-NetID services.

  • NetID, and thus the LastPass Enterprise Vault, is protected by MFA-Duo in the event of a compromise of a NetID password.

  • NetID Login keeps the focus on the security of the NetID password, instead of a new, additional Master Password, both of which the user would need to know.

  • The LastPass extension will protect your NetID password from phishing because it will only fill it in at https://login.wisc.edu and will not fill it in on any other website.



Keywords:
LastPass Lastpass lastPass Last Pass lastpass last pass password manager Enterprise enterprise account faculty staff employee netid NetID safe store protect keep manage 
Doc ID:
103566
Owned by:
Peter V. in Cybersecurity
Created:
2020-07-02
Updated:
2024-12-13
Sites:
DoIT Help Desk, Office of Cybersecurity