PASSWORDS BITE. FIGHT BACK WITH LASTPASS.

Special Topics in Cyber Security PASSWORDS BITE. FIGHT BACK WITH LASTPASS.

It's so annoying when you go online to get something done only to be thwarted by a forgotten password. With so many apps and accounts these days, who's got time to remember all those passwords?

Organize Your Passwords One Master Password Simplify Logging In Store your logins and notes Remember your master Fill in any login or online to a secure, searchable vault. password, forget the rest. form, no typing required.

Sync Everywhere Uncrackable Passwords Bank-Level Encryption Your passwords are Generate long, strong We never have your key. Your always backed up. passwords in a click. data is for your eyes only. How Does LastPass Work?

YOUR MASTER PASSWORD

CREATE ACCOUNT

< Create an account with your email address and a strong < master password. PBKDF2 Your master password is a key that is hashing prevents your password never shared with LastPass. Your data from ever being shared with us, stays accessible only to you. keeping it secure. PBKDF2 HASHING\\ < LastPass can never access your master password. YOUR VAULT & ENCRYPTION < See all your accounts and passwords in one easy-to-use "vault." LastPass syncs automatically, so you're always up-to-date. Sensitive data is only encrypted and decrypted locally, with your key, which is never shared with LastPass. 256-bit AES encryption, one-way salted hashes, and MULTIFACTOR PBKDF2 iterations ensure complete security AUTHENTICATION with the power of syncing through the cloud. < Recommended by industry experts, multifactor authentication adds extra security by requiring a second login step when signing in to your account. AUTOFILL < Because LastPass remembers and fills in all of your usernames and passwords for you, you can finally use USER: ...... a strong, unique password for each online account. LastPass does the work for you. PASS: ......

LASTPASS WORKS ON ALL OF YOUR DEVICES!

< LastPass is trusted by over 8 million LastPass ensures you'll have all of your users and 18,000 businesses worldwide. passwords, everywhere you need them, at any time. LastPass makes it so you won't have to remember passwords, but you can also trust that your logins will be there when you need them. Security & Compliance

At LastPass, your security and privacy are our top priority - that's why we've taken every step possible to • Empowering administrators to control employee access to specific tools and sites Availability ensure that your data is safely stored and synced in your LastPass account. We've accomplished this by • Employers can impose specific criteria around the strength and length of the master passwords of their LastPass was built on the belief that users must always have access to their data – anywhere, anytime. using 256-bit AES implemented in C++ and JavaScript (for the website) and exclusively encrypting and employees. We've accomplished this in multiple ways: first, we have multiple Tier 1 data-centers in production service decrypting on the local PC. This means that your sensitive data does not travel over the Internet nor does • Employers can mandate the use of multi-factor authentication for login to LastPass. at all times for full redundancy and availability. Second, we store the user’s encrypted data on the local it ever touch our servers, only the encrypted data does. This is the same encryption algorithm that is • Employers can lock down access to LastPass based on IP Address and/or device. Access can be PC at login, so that if LastPass.com cannot be reached, the user will still have full access to the add-on used by the US Government to protect its top-secret data. restricted for all employees, or an elected sub-set. and to their stored accounts. The website can be used without installation of the add-on (the encryption • With LastPass Shared Folders, Administrators can allocate logins to users as either hidden or and decryption happens in JavaScript), but we take advantage of faster encryption in the add-ons when Your encrypted data is meaningless to us and to everyone else without the decryption key. This key is visible. Hidden passwords can only be utilized through LastPass auto-fill. Every login event is available. LastPass also offers user access through the mobile site m.lastpass.com. created from your email address and Master Password. Your Master Password is never sent to LastPass, then captured and retailed in the Login Reports. only a one-way hash of your password when authenticating, which means that the components that • Monitoring and logging all access by both employees and administrators Off Site Backups make up your key remain local. LastPass also offers an array of advanced security options that let you • The LastPass Login Report captures (1) username, time date stamp, IPaddress and site name for add more layers of protection for your organization. every login, (2) formfill events, (3) and all username and password updates, that are conducted LastPass keeps daily local backups as well as a daily off site backup. Although private data is already using LastPass. encrypted on our servers, as an additional precaution backups are also encrypted with GPG. LastPass has multiple layers of protection in place that will lock down the device in cases of a brute force • The Shared Folders Report captures a detailed record of every Shared Folder created within the attack based on a deep and diverse set of criteria. To increase the security of your master password, company, including: (1) assigned users, (2) access rights and permissions of each user relative to Automated Testing LastPass utilizes a stronger-than-typical version of Password-Based Key Derivation Function (PBKDF2). At each folder, (3) full list of sites and tools shared with the folder. its most basic, PBKDF2 is a "password-strengthening algorithm" that makes it difficult for a computer to • The Admin Events Report tracks administrator activity conducted with the Enterprise Console LastPass uses Paros to help verify it hasn't made common mistakes that could result in a XSS or SQL check that any one password is the correct master password during a brute-force attack. The standard such as (1) new account created, (2) user account terminated, (3) policy edit or assignment. This Injection attack, and Funkload to verify performance and create functional tests that are run implementation of PBKDF2 uses SHA-1, a secure hashing algorithm. SHA-1 is faster, but its speed is a report includes the name of the administrator, time/date stamp, IP Address and event type. by Nagios. Microsoft's Application Verifier and other tools are used to help identify common problems in weakness in that brute-force attacks can likewise be performed faster. LastPass has opted to use SHA- • Retaining access records for a minimum of three years the IE add-on as well as a number of Mozilla tools that are used to test the Firefox add-on. 256, a slower hashing algorithm that provides more protection against brute-force attacks. LastPass • Each report is retained on our servers for a period of no less than 3 years. utilizes the PBKDF2 function implemented with SHA-256 to turn your master password into your encryp- • Reports can be filtered by user, data range, and can be exported to Excel. tion key. By default, LastPass performs 5000 rounds of the function to create the encryption key, before a single additional round of PBKDF2 is done to create your login hash. We've taken every step to ensure Safely Sharing Accounts With Others our user’s security and privacy. LastPass uses public/private key cryptography - specifically RSA from Crypto++ and jsbn - to allow users On Windows, the LastPass installer helps find insecure passwords stored on a user’s computer so that to share their accounts with trusted parties, without ever sharing it with LastPass. The distinguishing they can be saved securely in LastPass, eliminating their easy access by malicious software. As an addi- technique used in public-key cryptography is the use of asymmetric key algorithms, where the key used tional precaution LastPass uses SSL exclusively for data transfer - even though the vast majority of data to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic being sent is already encrypted with 256-bit AES and is unusable to both LastPass and any party listening keys - a public encryption key and a private decryption key. Messages are encrypted with the recipient's in to the network traffic. Our policy of never receiving private data that has not already been locked down public key, and can be decrypted only with the corresponding private key. This process is, of course, with a LastPass master password (which we never receive and will never ask for) radically reduces attack completely automated with no action required by the end user. vectors. We use firewalls and best practices to protect the servers and service, but our best line of defense is simply not having access to data even if someone were able to hack their way in. If LastPass Account Recovery can't access it, hackers can't either. With 'account recovery', we store an encrypted version of the user's encryption key on their hard drive and store an encrypted version of the key to decrypt the encryption key on our server. The encrypted Strengthen Compliance Through Controlled Access and Monitoring value on their hard drive is useless without the encrypted key on the server. The encrypted key on our Safeguarding your customer’s personal information is a considerable challenge in today’s environment of server is useless to us as we do not have the key to decrypt it. We force the end user to prove they are remote offices, virtual employees, the increased use of Web services, and the increased incidence of who they claim to be by validating their email and thereafter deliver the encrypted key to the user -- they cyber-attacks. Each regulatory framework is different, but HIPAA, PCI, SOX and GLBA all call for highly then decrypt the key and use it to decrypt their encrypted key to gain access to a forced password reset defined processes relative to employee access to data, the ability to track this access, and retention of module. these records. LastPass helps support corporate compliance efforts by: Security & Compliance

At LastPass, your security and privacy are our top priority - that's why we've taken every step possible to • Empowering administrators to control employee access to specific tools and sites Availability ensure that your data is safely stored and synced in your LastPass account. We've accomplished this by • Employers can impose specific criteria around the strength and length of the master passwords of their LastPass was built on the belief that users must always have access to their data – anywhere, anytime. using 256-bit AES implemented in C++ and JavaScript (for the website) and exclusively encrypting and employees. We've accomplished this in multiple ways: first, we have multiple Tier 1 data-centers in production service decrypting on the local PC. This means that your sensitive data does not travel over the Internet nor does • Employers can mandate the use of multi-factor authentication for login to LastPass. at all times for full redundancy and availability. Second, we store the user’s encrypted data on the local it ever touch our servers, only the encrypted data does. This is the same encryption algorithm that is • Employers can lock down access to LastPass based on IP Address and/or device. Access can be PC at login, so that if LastPass.com cannot be reached, the user will still have full access to the add-on used by the US Government to protect its top-secret data. restricted for all employees, or an elected sub-set. and to their stored accounts. The website can be used without installation of the add-on (the encryption • With LastPass Shared Folders, Administrators can allocate logins to users as either hidden or and decryption happens in JavaScript), but we take advantage of faster encryption in the add-ons when Your encrypted data is meaningless to us and to everyone else without the decryption key. This key is visible. Hidden passwords can only be utilized through LastPass auto-fill. Every login event is available. LastPass also offers user access through the mobile site m.lastpass.com. created from your email address and Master Password. Your Master Password is never sent to LastPass, then captured and retailed in the Login Reports. only a one-way hash of your password when authenticating, which means that the components that • Monitoring and logging all access by both employees and administrators Off Site Backups make up your key remain local. LastPass also offers an array of advanced security options that let you • The LastPass Login Report captures (1) username, time date stamp, IPaddress and site name for add more layers of protection for your organization. every login, (2) formfill events, (3) and all username and password updates, that are conducted LastPass keeps daily local backups as well as a daily off site backup. Although private data is already using LastPass. encrypted on our servers, as an additional precaution backups are also encrypted with GPG. LastPass has multiple layers of protection in place that will lock down the device in cases of a brute force • The Shared Folders Report captures a detailed record of every Shared Folder created within the attack based on a deep and diverse set of criteria. To increase the security of your master password, company, including: (1) assigned users, (2) access rights and permissions of each user relative to Automated Testing LastPass utilizes a stronger-than-typical version of Password-Based Key Derivation Function (PBKDF2). At each folder, (3) full list of sites and tools shared with the folder. its most basic, PBKDF2 is a "password-strengthening algorithm" that makes it difficult for a computer to • The Admin Events Report tracks administrator activity conducted with the Enterprise Console LastPass uses Paros to help verify it hasn't made common mistakes that could result in a XSS or SQL check that any one password is the correct master password during a brute-force attack. The standard such as (1) new account created, (2) user account terminated, (3) policy edit or assignment. This Injection attack, and Funkload to verify performance and create functional tests that are run implementation of PBKDF2 uses SHA-1, a secure hashing algorithm. SHA-1 is faster, but its speed is a report includes the name of the administrator, time/date stamp, IP Address and event type. by Nagios. Microsoft's Application Verifier and other tools are used to help identify common problems in weakness in that brute-force attacks can likewise be performed faster. LastPass has opted to use SHA- • Retaining access records for a minimum of three years the IE add-on as well as a number of Mozilla tools that are used to test the Firefox add-on. 256, a slower hashing algorithm that provides more protection against brute-force attacks. LastPass • Each report is retained on our servers for a period of no less than 3 years. utilizes the PBKDF2 function implemented with SHA-256 to turn your master password into your encryp- • Reports can be filtered by user, data range, and can be exported to Excel. tion key. By default, LastPass performs 5000 rounds of the function to create the encryption key, before a single additional round of PBKDF2 is done to create your login hash. We've taken every step to ensure Safely Sharing Accounts With Others our user’s security and privacy. LastPass uses public/private key cryptography - specifically RSA from Crypto++ and jsbn - to allow users On Windows, the LastPass installer helps find insecure passwords stored on a user’s computer so that to share their accounts with trusted parties, without ever sharing it with LastPass. The distinguishing they can be saved securely in LastPass, eliminating their easy access by malicious software. As an addi- technique used in public-key cryptography is the use of asymmetric key algorithms, where the key used tional precaution LastPass uses SSL exclusively for data transfer - even though the vast majority of data to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic being sent is already encrypted with 256-bit AES and is unusable to both LastPass and any party listening keys - a public encryption key and a private decryption key. Messages are encrypted with the recipient's in to the network traffic. Our policy of never receiving private data that has not already been locked down public key, and can be decrypted only with the corresponding private key. This process is, of course, with a LastPass master password (which we never receive and will never ask for) radically reduces attack completely automated with no action required by the end user. vectors. We use firewalls and best practices to protect the servers and service, but our best line of defense is simply not having access to data even if someone were able to hack their way in. If LastPass Account Recovery can't access it, hackers can't either. With 'account recovery', we store an encrypted version of the user's encryption key on their hard drive and store an encrypted version of the key to decrypt the encryption key on our server. The encrypted Strengthen Compliance Through Controlled Access and Monitoring value on their hard drive is useless without the encrypted key on the server. The encrypted key on our Safeguarding your customer’s personal information is a considerable challenge in today’s environment of server is useless to us as we do not have the key to decrypt it. We force the end user to prove they are remote offices, virtual employees, the increased use of Web services, and the increased incidence of who they claim to be by validating their email and thereafter deliver the encrypted key to the user -- they cyber-attacks. Each regulatory framework is different, but HIPAA, PCI, SOX and GLBA all call for highly then decrypt the key and use it to decrypt their encrypted key to gain access to a forced password reset defined processes relative to employee access to data, the ability to track this access, and retention of module. these records. LastPass helps support corporate compliance efforts by: Security & Compliance

At LastPass, your security and privacy are our top priority - that's why we've taken every step possible to • Empowering administrators to control employee access to specific tools and sites Availability ensure that your data is safely stored and synced in your LastPass account. We've accomplished this by • Employers can impose specific criteria around the strength and length of the master passwords of their LastPass was built on the belief that users must always have access to their data – anywhere, anytime. using 256-bit AES implemented in C++ and JavaScript (for the website) and exclusively encrypting and employees. We've accomplished this in multiple ways: first, we have multiple Tier 1 data-centers in production service decrypting on the local PC. This means that your sensitive data does not travel over the Internet nor does • Employers can mandate the use of multi-factor authentication for login to LastPass. at all times for full redundancy and availability. Second, we store the user’s encrypted data on the local it ever touch our servers, only the encrypted data does. This is the same encryption algorithm that is • Employers can lock down access to LastPass based on IP Address and/or device. Access can be PC at login, so that if LastPass.com cannot be reached, the user will still have full access to the add-on used by the US Government to protect its top-secret data. restricted for all employees, or an elected sub-set. and to their stored accounts. The website can be used without installation of the add-on (the encryption • With LastPass Shared Folders, Administrators can allocate logins to users as either hidden or and decryption happens in JavaScript), but we take advantage of faster encryption in the add-ons when Your encrypted data is meaningless to us and to everyone else without the decryption key. This key is visible. Hidden passwords can only be utilized through LastPass auto-fill. Every login event is available. LastPass also offers user access through the mobile site m.lastpass.com. created from your email address and Master Password. Your Master Password is never sent to LastPass, then captured and retailed in the Login Reports. only a one-way hash of your password when authenticating, which means that the components that • Monitoring and logging all access by both employees and administrators Off Site Backups make up your key remain local. LastPass also offers an array of advanced security options that let you • The LastPass Login Report captures (1) username, time date stamp, IPaddress and site name for add more layers of protection for your organization. every login, (2) formfill events, (3) and all username and password updates, that are conducted LastPass keeps daily local backups as well as a daily off site backup. Although private data is already using LastPass. encrypted on our servers, as an additional precaution backups are also encrypted with GPG. LastPass has multiple layers of protection in place that will lock down the device in cases of a brute force • The Shared Folders Report captures a detailed record of every Shared Folder created within the attack based on a deep and diverse set of criteria. To increase the security of your master password, company, including: (1) assigned users, (2) access rights and permissions of each user relative to Automated Testing LastPass utilizes a stronger-than-typical version of Password-Based Key Derivation Function (PBKDF2). At each folder, (3) full list of sites and tools shared with the folder. its most basic, PBKDF2 is a "password-strengthening algorithm" that makes it difficult for a computer to • The Admin Events Report tracks administrator activity conducted with the Enterprise Console LastPass uses Paros to help verify it hasn't made common mistakes that could result in a XSS or SQL check that any one password is the correct master password during a brute-force attack. The standard such as (1) new account created, (2) user account terminated, (3) policy edit or assignment. This Injection attack, and Funkload to verify performance and create functional tests that are run implementation of PBKDF2 uses SHA-1, a secure hashing algorithm. SHA-1 is faster, but its speed is a report includes the name of the administrator, time/date stamp, IP Address and event type. by Nagios. Microsoft's Application Verifier and other tools are used to help identify common problems in weakness in that brute-force attacks can likewise be performed faster. LastPass has opted to use SHA- • Retaining access records for a minimum of three years the IE add-on as well as a number of Mozilla tools that are used to test the Firefox add-on. 256, a slower hashing algorithm that provides more protection against brute-force attacks. LastPass • Each report is retained on our servers for a period of no less than 3 years. utilizes the PBKDF2 function implemented with SHA-256 to turn your master password into your encryp- • Reports can be filtered by user, data range, and can be exported to Excel. tion key. By default, LastPass performs 5000 rounds of the function to create the encryption key, before a single additional round of PBKDF2 is done to create your login hash. We've taken every step to ensure Safely Sharing Accounts With Others our user’s security and privacy. LastPass uses public/private key cryptography - specifically RSA from Crypto++ and jsbn - to allow users On Windows, the LastPass installer helps find insecure passwords stored on a user’s computer so that to share their accounts with trusted parties, without ever sharing it with LastPass. The distinguishing they can be saved securely in LastPass, eliminating their easy access by malicious software. As an addi- technique used in public-key cryptography is the use of asymmetric key algorithms, where the key used tional precaution LastPass uses SSL exclusively for data transfer - even though the vast majority of data to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic being sent is already encrypted with 256-bit AES and is unusable to both LastPass and any party listening keys - a public encryption key and a private decryption key. Messages are encrypted with the recipient's in to the network traffic. Our policy of never receiving private data that has not already been locked down public key, and can be decrypted only with the corresponding private key. This process is, of course, with a LastPass master password (which we never receive and will never ask for) radically reduces attack completely automated with no action required by the end user. vectors. We use firewalls and best practices to protect the servers and service, but our best line of defense is simply not having access to data even if someone were able to hack their way in. If LastPass Account Recovery can't access it, hackers can't either. With 'account recovery', we store an encrypted version of the user's encryption key on their hard drive and store an encrypted version of the key to decrypt the encryption key on our server. The encrypted Strengthen Compliance Through Controlled Access and Monitoring value on their hard drive is useless without the encrypted key on the server. The encrypted key on our Safeguarding your customer’s personal information is a considerable challenge in today’s environment of server is useless to us as we do not have the key to decrypt it. We force the end user to prove they are remote offices, virtual employees, the increased use of Web services, and the increased incidence of who they claim to be by validating their email and thereafter deliver the encrypted key to the user -- they cyber-attacks. Each regulatory framework is different, but HIPAA, PCI, SOX and GLBA all call for highly then decrypt the key and use it to decrypt their encrypted key to gain access to a forced password reset defined processes relative to employee access to data, the ability to track this access, and retention of module. these records. LastPass helps support corporate compliance efforts by: Managing your Online Passwords

● To provide you with a password management solution/options that is available at a low cost or free. ● Learn about Password Managers ● Learn How LastPass Works ● Creating a LastPass Free Account Todays ● How to Access LastPass Free ● Learn How to Save Sites and Passwords Goals ● Learn How to Create Secure Notes ● Use the Form Fill-In’s Feature ● Learn How to Generate Strong and Secure Passwords ● Learn About Account Recovery Options ● Learn Where to Find Help

What is a Password Manager?

A Password Manager is a service that remembers your passwords, so you don’t have to. All you have to do is remember one Master Password!

In addition to helping you organize and manage your logins and passwords, a Password Manager also makes it easy for you to follow Best Password Practices.

Special Topics in Cyber Security Password Managers

The Best Password Managers of 2017 - PC Magazine

Five Best Password Managers - LifeHacker

Take Control of Password Chaos with These Six Password Managers - c|net

Special Topics in Cyber Security

What is LastPass?

LastPass is a secure password management tool that provides individuals with a solution for creation, saving, management, and sharing* of passwords.

LastPass synchronizes everywhere with support for the most common browsers, operating systems, and mobile devices.

Data is encrypted locally and stored on LastPass servers that is not readable by anyone except for you. This means that sensitive data does not travel over the Internet, only the encrypted data does.

LastPass Review - PC Magazine

Special Topics in Cyber Security

LastPass Editions

LastPass Personal

● Free Edition ● Premium Edition (Sharing of Passwords with Family Members) ○ $1/Month

LastPass Business

● Teams Edition ● Enterprise Edition

Special Topics in Cyber Security Why Use LastPass?

LastPass allows you to create secure and strong passwords.

LastPass provides you with a single repository (LastPass Vault) to store your login and password information, sensitive data, and secure notes that are easily accessible to you in a variety of ways.

Saving and Managing Passwords with LastPass makes this process simple and secure! So no more passing around of paper notes, saving passwords in email, or sharing passwords in a password protected Word/Excel documents that can easily be compromised.

Special Topics in Cyber Security

How Does LastPass Work?

Special Topics in Cyber Security

Getting Started

● Create an Account - www.lastpass.com ○ During this training session you will be creating a LastPass Personal account. You will need to use a personal email address and not your Bates email address. ● Access your Online LastPass Vault ○ Login to your LastPass Web Vault ● Download and Install the Browser Plug-In ○ LastPass is best accessed through your browser plug-in. The browser plug-in automatically monitors sites and saves site information and injects usernames and passwords into login fields.

Special Topics in Cyber Security Creating your Master Password

Your Master Password is the most important factor in securing your LastPass Vault.

Make your Master Password secure. Your Master Password should include at least 8 characters combining numbers, symbols, and letters, without using dictionary-based words.

Your Master Password should be something memorable. If you lose or forget your Master Password, there is NO WAY to retrieve it! Without your Master Password, your password vault is unaccessible and all of your information stored in it will be lost!

Special Topics in Cyber Security

Accessing LastPass

Your LastPass Vault can be accessed in a variety of different ways.

● Browser Plug-In (Recommended and Easiest) ○ Most web browsers are supported! ■ Chrome, Safari, Firefox, Opera, Maxhon, Internet Explorer ● Web Vault ○ https://www.lastpass.com/ ● Mobile Access ○ iOS - iPhone/iPad ○ Android ○ Windows Phone

Special Topics in Cyber Security

Meet your LastPass Vault Meet the Browser Extension

Saving Sites and Passwords

LastPass saves and fills in logins and passwords for your (Sites).

Use the LastPass in-field icon to save a new login or to select from the account you have already stored.

LastPass can also generate secure, unique passwords for you. Consider updating account passwords with one that has been generated by LastPass!

Advanced Features:

● Automatic Login / Disable Login ● Require Password Reprompt

Special Topics in Cyber Security

Adding & Saving Sites Saving Sites and Passwords

Special Topics in Cyber Security

Creating Secure Notes

With LastPass Secure Notes you can securely save things like Credit Card Information, WiFi logins, PIN Codes, Membership information, or anything that should be saved securely.

Secure Notes also allow you to add attachments to your Secure Notes.

Special Topics in Cyber Security

Creating Secure Notes

Special Topics in Cyber Security Using Form Fill-In’s

Save time and create a secure form fill profile(s) for simplified automatic filling of online forms.

Consider creating different forms for different purposes (identities).

● Different Address Information ● Different Department Information

Special Topics in Cyber Security

Filling a Form

Using Form Fill-In’s

Special Topics in Cyber Security Security Challenge

Once you have started to add your login and password information (site), take the LastPass Security Challenge.

The LastPass Security Challenge identifies weak, duplicate, and potentially breached passwords.

Special Topics in Cyber Security

Multifactor Authentication

Add another layer of security to your LastPass account with multifactor authentication to protect against keyloggers, phishing, and other threats.

● Google Authenticator ● LastPass Authenticator

Special Topics in Cyber Security

Generating Secure Passwords

LastPass Free Edition can generate strong and secure passwords for you.

Special Topics in Cyber Security Generating a Password

Share Single Passwords

With LastPass Free Edition you can share single site information with another individual. They will need to create a LastPass account in order to access the site information shared with them.

Special Topics in Cyber Security

Emergency Account Recovery

Establish an emergency contact to access your LastPass Free account in the case of an emergency where you may not be able to access your account.

Special Topics in Cyber Security Account Recovery

It is very important that you remember your LastPass Master Password. If you forget your Master Password, there are few options available to recover your account.

If you are not successful in recovering your account, all of your secured data in your LastPass Vault will be lost!

Visit lastpass.com/forgot.php to initiate the account recovery process.

Special Topics in Cyber Security

Account Recovery

Special Topics in Cyber Security

Getting Assistance

Getting Started with LastPass

● https://helpdesk.lastpass.com

Visit the LastPass Support Center

● https://lastpass.com/support.php

Special Topics in Cyber Security Thank You!

Special Topics in Cyber Security - Managing your Online Passwords

Lee Philip J. Desiderio Instructional Support Manager Bates College (207) 786-6181/x6181 [email protected] [email protected]

Special Topics in Cyber Security