Summary: Amber Gott (@lastpass), Online Community Manager for Last Pass (https://lastpass.com/) and Rich O’Neil (@dvn7) joins Jim (@jcollison) and for show #155 of Home Tech Podcast brought to you by the Average Guy Network, part of http://thegeeksnetwork.com/ community. Support the Average Guy Tech Scholarship Fund: http://theAverageGuy.tv/amazon Join us for the show live each Thursday at 8pmC/9E/1UTC at http://theAverageGuy.tv/live or call in your questions or comments to be played on the show at (402) 478-8450 Listen Mobile: LastPass – The last password you have to remember! https://lastpass.com/ https://lastpass.com/enterprise/pricing-roi/ Dealing with Subdomains and Autologin As a user of LastPass, I often set up my sites to autologin - automatically fill in the credentials and submit them. But I sometimes run into situations where autologin won’t work. As an example, my school/workplace requires that I use two sets of credentials on the same web domain. This fact ‘confuses’ the autologin feature at times. Sorry, I can’t be more technical than that. The problem at work has been mostly remedied with the implementation of the SSO portal (single sign-on) which gives me access to sites that use one set of credentials. Most of the sites, anyway, so that’s good. Out of habit, though, I’ll sometimes forget and try to login to a site from outside the portal. And that’s where I can run into problems, and by problems, I mean autologin doesn’t happen. Yes, I can click the LP icon in the corner of the textbox and select the correct site from there, and so this is really only a minor annoyance. That said, I finally wised up and googled the problem and that’s when I learned about URL rules. URL rules let you specify sites by their specific addresses/paths. Sites which of course match a site in your LP vault. When you do this, LP will ignore all other addresses even similar ones within the same domain. This has fixed the problem for me. I also noted that URL rules lets you set a specific port for the site. 8080, or whatever custom port is required. Nice thinking! To set a URL rule in LastPass, goto your LastPass Account > Settings > Edit Settings tab > find and click on URL rules all the way to the right at the top. I added my addresses to the Domain text field. It did not seem to matter that I put nothing in the Path text field. At least it didn’t for me. Once I hit Add, the address was parsed/split up between Domain and Path as LP saw fit. And it worked. That’s the bottom line. https://lastpass.com/support.php?cmd=showfaq&id=3676 URL rules – set ‘em up: If you have multiple logins for a particular domain, LastPass fills in the closest URL match by default but will show all sites from that domain in its matching list. This behavior can be changed to only show sites that match particular hosts/paths “By default, LastPass stores a URL Rule for some sites for your convenience. Sites are added and updated as we discover them.” URL Rules Question: can I set the URL rule for sites as I create/save them? Amber said this was something they might consider LastPass Sentry LastPass Sentry is an extra security service that LastPass performs for its customers. They pull a list maintained by PwnedList.com of publicly leaked usernames and passwords and check their customers’ email addresses (the one associated with their LastPass account) against it. If there’s a match, LastPass notifies the customer making them aware of the security breach and letting them know they should change their password immediately. They’ll also advise that the customer checks their other sites for duplicate use of the email address + password and change those as well. In the words of LastPass themselves: How It Works 1. Sentry performs daily checks, with the latest updates to the PwnedList database, to see if LastPass account email addresses are on the list. 2. If a match is found,
