LastPass - NetID vs Master Password: Which authentication method is best for me?

1Password is replacing LastPass as UW-Madison's supported Password Manager. 1Password was selected for its intuitive user-friendly interface, robust set of features, and excellent track record in safeguarding sensitive data.
Current LastPass users are being invited to 1Password starting in December 2024. LastPass will remain active until May 2025. For more information and updates, refer to the transition FAQ: 1Password - LastPass Transition FAQs


The UW-Madison Enterprise instance of LastPass supports two different authentication mechanisms, NetID and Master Password. There are key differences to each highlighted below to help you decide which option is best for you.

Note: We prefer "primary" to "master," but LastPass uses "master." We've used "master" in this documentation to avoid confusion.

The best way to safely generate, store, and keep track of your passwords is to use a password manager app like LastPass. At UW-Madison we support two ways to login to your LastPass account and have provided some considerations below to help you decide which is best for you.

NetID Authentication

NetID is the default authentication method for new LastPass users. (If you are interested in activating a LastPass account, see: LastPass - How to activate a UW-Madison Enterprise LastPass account) Using this authentication method, users will login to LastPass much like other applications at UW-Madison. You'll provide your netid@wisc.edu email address and then log in with NetID, NetID password, and Duo.

Pros

  • Eliminates the need to remember a separate Master Password to access LastPass.
  • Most difficult to crack encryption because part of the encryption key is stored by UW-Madison and not LastPass. LastPass uses a patent-pending method of distributing, storing and uniting encrypted keys to ensure your NetID password is never shared with LastPass.

Cons

  • Creates a single point of failure if your NetID account is compromised. A compromised NetID could allow an attacker to compromise your LastPass account.
  • Signing out requires you to close your browser, and potentially clear your browsers cache, to be fully logged out.
  • There are some feature limitations when using NetID authentication. Details: LastPass - What are the limitations for LastPass users with NetID login?

Master Password Authentication

Users who leverage a Master Password use it instead of their NetID password to log into LastPass. You'll provide your email address, Master Password, and complete a Duo MFA prompt to login.

Pros

  • Separate from NetID password, meaning a compromise of one doesn't compromise the other.

Cons

  • Creates an additional password to remember. It is strongly recommended that you never re-use your master password for any other account or application.
  • It is not possible for LastPass Support to reset or change a user's master password if it is forgotten. UW-Madison LastPass admins are able to reset some users Master Passwords if they are forgotten.


Keywords:
LastPass, NetID, Master Password, SSO, authentication, login, security, cybersecurity 
Doc ID:
123613
Owned by:
Peter V. in Cybersecurity
Created:
2023-01-27
Updated:
2024-12-13
Sites:
Office of Cybersecurity