Amber Gott (@lastpass), Online Community Manager for Last Pass (https://lastpass.com/) and Rich O’Neil (@dvn7) joins Jim (@jcollison) and for show #155 of Home Tech Podcast brought to you by the Average Guy Network, part of http://thegeeksnetwork.com/ community.
Support the Average Guy Tech Scholarship Fund: https://www.patreon.com/theaverageguy
Join us for the show live each Thursday at 8pmC/9E/1UTC at http://theAverageGuy.tv/live or call in your questions or comments to be played on the show at (402) 478-8450
Subscribe to the TAG Weekly Update (Be in the know!)
Dealing with Subdomains and Autologin
As a user of LastPass, I often set up my sites to autologin – automatically fill in the credentials and submit them. But I sometimes run into situations where autologin won’t work. As an example, my school/workplace requires that I use two sets of credentials on the same web domain. This fact ‘confuses’ the autologin feature at times. Sorry, I can’t be more technical than that. The problem at work has been mostly remedied with the implementation of the SSO portal (single sign-on) which gives me access to sites that use one set of credentials. Most of the sites, anyway, so that’s good.
Out of habit, though, I’ll sometimes forget and try to login to a site from outside the portal. And that’s where I can run into problems, and by problems, I mean autologin doesn’t happen. Yes, I can click the LP icon in the corner of the textbox and select the correct site from there, and so this is really only a minor annoyance.
That said, I finally wised up and googled the problem and that’s when I learned about URL rules. URL rules let you specify sites by their specific addresses/paths. Sites which of course match a site in your LP vault. When you do this, LP will ignore all other addresses even similar ones within the same domain. This has fixed the problem for me.
I also noted that URL rules lets you set a specific port for the site. 8080, or whatever custom port is required. Nice thinking!
To set a URL rule in LastPass, goto your LastPass Account > Settings > Edit Settings tab > find and click on URL rules all the way to the right at the top.
I added my addresses to the Domain text field. It did not seem to matter that I put nothing in the Path text field. At least it didn’t for me. Once I hit Add, the address was parsed/split up between Domain and Path as LP saw fit. And it worked. That’s the bottom line.
URL rules – set ‘em up:
If you have multiple logins for a particular domain, LastPass fills in the closest URL match by default but will show all sites from that domain in its matching list. This behavior can be changed to only show sites that match particular hosts/paths
“By default, LastPass stores a URL Rule for some sites for your convenience. Sites are added and updated as we discover them.”
URL Rules Question: can I set the URL rule for sites as I create/save them? Amber said this was something they might consider
LastPass Sentry is an extra security service that LastPass performs for its customers. They pull a list maintained by PwnedList.com of publicly leaked usernames and passwords and check their customers’ email addresses (the one associated with their LastPass account) against it. If there’s a match, LastPass notifies the customer making them aware of the security breach and letting them know they should change their password immediately. They’ll also advise that the customer checks their other sites for duplicate use of the email address + password and change those as well. In the words of LastPass themselves:
How It Works
1. Sentry performs daily checks, with the latest updates to the PwnedList database, to see if LastPass account email addresses are on the list.
2. If a match is found, an email notification is sent to the LastPass user, notifying them of the domain that was breached and the potential risk.
3. Users can then run the LastPass Security Challenge to verify if the password for the breached site is used elsewhere.
4. We then recommend updating the password for the affected account, and any other accounts using that password, using LastPass to generate a new, strong password.
Please use http://theAverageGuy,tv/amazon and no longer use amazon.theaverageguy.tv. That second link violates the team and conditions on Amazon.
By the way, I dropped a TAG Amazon link into my wife’s computer’s Chrome Browser Bookmark Bar and told her NEVER to just type in www.amazon.com, to ALWAYs use the bookmark link. So I am trying to help that way!! – John Greenaway
John has an idea for a shared product for the Tech Scholarship fund! http://amzn.com/B0029U2YSA
http://www.enuffpc.com/ – Site suspended for billing reasons
Powerocks Magic Cube Battery for Smartphones – http://amzn.com/B00B1GRL8Q or http://shop.powerocksusa.com/
Western Digital WD SATA III Intellipower 64 MB Cache Bulk/OEM http://amzn.com/B00EHBERSE
Facebook Page: https://www.facebook.com/theAverageGuyTV
Facebook Group: https://www.facebook.com/groups/theaverageguy/
The Show Announcements and Schedule: https://twitter.com/#!/TheAverageGuyTV
Jim’s Twitter: http://twitter.com/#!/jcollison
Andrew’s Twitter: http://twitter.com/#!/unrealshots
Contact Christian: firstname.lastname@example.org
Contact the show at email@example.com
Find us on Facebook: https://www.facebook.com/groups/theaverageguy/
Find this and other great Podcasts from the Average Guy Network at http://theaverageguy.tv
Some links may contain affiliate codes that benefit the Average Guy Podcast Network.