LastPass - UW–Madison LastPass Enterprise Service Terms of Use

1Password is replacing LastPass as UW-Madison's supported Password Manager. 1Password was selected for its intuitive user-friendly interface, robust set of features, and excellent track record in safeguarding sensitive data.
Current LastPass users are being invited to 1Password starting in December 2024. LastPass will remain active until May 2025. For more information and updates, refer to the transition FAQ: 1Password - LastPass Transition FAQs


The following UW–Madison LastPass Enterprise Terms of Use are the appropriate use guidelines for all UW–Madison LastPass Enterprise Service users.

Welcome to UW–Madison ’s LastPass Enterprise Service. We are excited to be able to offer you a password manager service, and hope that you will find it beneficial for your employment. As you log in for the first time, we want you to be aware of some of the rules of the road for usage. In addition to the terms for computer usage that you agreed to when you activated your NetID, there are some additional rules specific to usage within LastPass Enterprise. In addition to the UW–Madison LastPass Enterprise Terms of Use, Users are also subject to the LogMeIn Terms of Service.

By logging in and using LastPass Enterprise, you are agreeing to adhere to the following terms of service:

  1. Responsible Use

In general, UW–Madison LastPass Enterprise is suitable for restricted information as long as the appropriate permission controls are in place.

Individuals using this service are required to:

    • Follow the UW System Acceptable Use of Information Technology Resources Policy.

    • Protect the privacy and confidentiality of employee, student, patient, and other institutional information as required by FERPA (privacy of student information) and HIPAA (privacy of patient information).

    • In accordance with federal regulations and UW–Madison policies, all research involving human subjects must be reviewed and approved by an Institutional Review Board prior to any research intervention with a participant. See Human Research Protection Program for details.

    • Comply with all other applicable University policies, State laws, and Federal laws.

  1. System Use - LastPass Enterprise

    • LastPass Enterprise is intended for the secure storage and sharing of work-related credentials and secrets.

    • UW–Madison’s LastPass Enterprise Service is available only to active UW–Madison faculty, staff, and student-employees with a UW–Madison Office365 email account. Students, Emeritus staff, Retirees with IT Services, and Alumni are not eligible for the LastPass Enterprise Service.

    • LastPass Enterprise accounts can be linked to personal LastPass Premium accounts for ease of access.

    • Upon leaving the University, your access to your LastPass Enterprise account will be removed.

    • New LastPass Enterprise users’ accounts will be provisioned to use NetID login for Vault access. Existing beta users will maintain their Master Password login access; however, they can request to convert to NetID login via the LastPass Enterprise Login Type Request Form.

    • LastPass Enterprise accounts require the use of Multi-Factor Authentication (MFA-Duo) for additional security.

    • LastPass Enterprise accounts are supported by DoIT. For more information, refer to “Introducing LastPass Enterprise”. For troubleshooting, contact the DoIT Help Desk.

    • LastPass (LogMeIn) and UW–Madison do not provide backups of credentials and secrets stored in LastPass Enterprise Vaults.

    • LastPass Premium:

      • LastPass Premium accounts are offered separately to LastPass Enterprise accounts. They are provided for free and are intended for storage and sharing of personal credentials, secrets, documents, and payment information at the discretion of the user.

      • Active UW–Madison faculty, staff, student-employees, and students, as well as Emeritus staff, Retirees with IT Services, and Alumni are eligible for free LastPass Premium accounts through the UW–Madison Premium Partner Link.

      • LastPass Premium accounts can be linked to personal LastPass Enterprise accounts for ease of access.

      • Before leaving the University, be sure that your personal credentials and/or encrypted files are stored in your personal LastPass Premium (or other similar personal password manager) account, not your LastPass Enterprise account.

      • Upon leaving the University, your access to your LastPass Premium account (if applicable) will persist as long as you have an active UW–Madison Office365 email account.

      • Should you no longer have an active UW–Madison Office365 email account, your LastPass Premium account will be downgraded to a LastPass Free account; however, your access to your stored credentials and secrets will be retained.

        • Access to LastPass Premium accounts is via Master Password login only.

        • LastPass Premium accounts are not supported by DoIT/UW–Madison.

        • LastPass (LogMeIn) does not provide backups of credentials and secrets stored in LastPass Premium Vaults.

    • LastPass Enterprise/Premium Encrypted File Storage:

      • LastPass Enterprise/Premium encrypted file storage should not be used as a primary data back-up repository or for the storage of data that is not intended for regular access and use. LastPass encrypted file storage is limited to a maximum of 1GB of data per user.

      • We recommend that you keep secure backup copies of your critical files on other media, such as a local hard drive, Google Drive, or a USB Flash Drive. In the unlikely event that there is a system outage, your online files will not be accessible until service returns.

      • You are responsible for the integrity of your data files.

      • LastPass (LogMeIn) and UW–Madison do not provide backups of files stored in LastPass Vaults. 

  1. Privacy Statement

UW–Madison respects the legitimate privacy interests of UW–Madison LastPass Enterprise and LastPass Premium Users within appropriate limits for educational, ethical, and legal reasons.

    • Neither UW–Madison, DoIT, nor LastPass (LogMeIn) staff will have visibility of, record of, or access to the credentials stored within LastPass Vaults.

    • UW–Madison LastPass Enterprise administrators routinely monitor the volume of UW–Madison LastPass Enterprise usage for system management purposes.

    • Usage may also be subject to security testing and monitoring.

    • If the University receives a credible report that a violation has occurred, or if, in the course of managing the service, discovers evidence of a violation, then the matter will be referred for investigation, University disciplinary action, and/or criminal prosecution.

    • Complaints that specific material violates the law or University policy should be reported to The Office of Cybersecurity: https://it.wisc.edu/reporting-an-incident-to-it-security/

    • If you are employed by the University, you should be aware that any documents that you save or publish in the UW–Madison LastPass Enterprise may be subject to the Wisconsin Open Records Act. For more information on the Records Management, please go to:  http://www.library.wisc.edu/archives/records-management/program-overview/legal-requirements-for-records/




Keywords:
LastPass Lastpass lastPass Last Pass lastpass last pass password manager Enterprise enterprise terms of use service appropriate user guidelines faculty staff employee 
Doc ID:
104518
Owned by:
Peter V. in Cybersecurity
Created:
2020-07-30
Updated:
2024-12-13
Sites:
DoIT Help Desk, Office of Cybersecurity