Before deploying LastPass, you may want to update your internal IT policies and/or employee guidebook to specifically reference LastPass. Doing so will help set expectations for why employees should use LastPass, and best practices for using it.
You may also want to provide helpful LastPass resources for reference.
Here is a sample of what to include when updating your policies:
We use LastPass for storing and sharing passwords. LastPass is an online password manager. LastPass is a password manager and single sign-on solution. As a digital vault, it keeps all your website logins organized and safe. LastPass can also create new passwords, fill out online forms, facilitate password sharing, alert you about weak passwords, and more.
LastPass will be the official password manager and single sign-on solution for all “COMPANY” employees. The software will be installed on your browsers as a browser extension. As you go to work-related sites, save the credentials to your LastPass vault. LastPass will then autofill those passwords the next time you go to log in.
We recommend following these best practices when using LastPass:
- Use the password generator to make sure every password is unique and strong
- Create a long, strong master password. To make it long but memorable, consider making a “passphrase”, like: tealbrickpumpedlunchskiing
- Never share your master password with anyone, including LastPass
- Never use your master password as the password for another account
- Add another layer of security by enabling multifactor authentication for added protection
Your LastPass Business account (which uses your work email address) is to be used for work passwords only, since your account can be terminated at any time. If you would like to store personal passwords in a password manager, you can create a free personal LastPass account at www.lastpass.com.