LastPass - Can I Use My LastPass Enterprise Vault to Store My NetID Credentials? Should I?

Using LastPass Enterprise to store your NetID Login credentials is recommended and encouraged

If Your Vault is Protected with Master Password Login

If you’re using Master Password Login, yes, you can and you should store your NetID credentials in your LastPass Enterprise Vault. Once stored in your Vault, your NetID credentials will benefit from the same features as your other stored credentials: security, management, and autofill capabilities. However, it is important to keep in mind that you will still need to know your NetID credentials for some login purposes. 


Please Note: LastPass Enterprise has policies enabled that prevent your Master Password from being the same as your NetID Login password. We recommend following best practices for creating strong,unique passwords.

If Your Vault is Protected with NetID Login

If your vault is protected using NetID Login, you are still able to and encouraged to store your NetID credentials in your LastPass Enterprise Vault. If you are concerned that this is against best practices, consider the following:

  • A Single Sign On (SSO) password is not a “Master Password” in the sense that LastPass characterizes it, and can be expected to be stored for use with other services in any enterprise SSO scenario.

  • You already need to know your NetID password, and will need to continue to know it for other uses even with the adoption of LastPass Enterprise.

  • LastPass Enterprise is designed to protect NetID passwords by facilitating good password practices for other, non-NetID services.

  • NetID, and thus the LastPass Enterprise Vault, is protected by MFA-Duo in the event of a compromise of a NetID password.

  • NetID Login keeps the focus on the security of the NetID password, instead of a new, additional Master Password, both of which the user would need to know.

  • The LastPass extension will protect your NetID password from phishing because it will only fill it in at https://login.wisc.edu and will not fill it in on any other website.