Division of Information Technology

LastPass Enterprise

Log In to LastPass Enterprise

LastPass Enterprise is a password management service that allows staff to set, store, and safely share unique and secure passwords for enterprise accounts.

Are you a student or just looking to store personal passwords, such as Facebook or Amazon? Check out LastPass Premium

About LastPass Enterprise

LastPass Enterprise is for use by Faculty/Staff to store and share passwords for Stony Brook systems only. For storage of personal passwords, we offer free LastPass Premium subscriptions to all faculty, staff, and students.

LastPass Enterprise is a password management service that allows you to create, store, and safely share unique and secure passwords for all of your enterprise accounts. Your passwords are safely stored in an encrypted vault accessible from any device, mobile or desktop.

LastPass Enterprise requires Duo Security for multi-factor authentication, requiring you to have access to a mobile device or landline phone for each login. If you do not have a Duo account currently, one will be created for you.

Click here to request a LastPass Enterprise account

 

Generate & Store Strong Passwords

Generate  and safely store strong and unique passwords for each of your accounts.

Free Personal Accounts for You and Your Family

An Enterprise account allows you to enable a free LastPass Families account for personal use, allowing you and up to five others to set up Premium accounts.

Access from Anywhere

Use your master password to access all your passwords on computers or mobile devices.

Safely Share Passwords

Safely share passwords with other Stony Brook users.

FAQs

Can Stony Brook University see my passwords?

No one at Stony Brook University, or LastPass, can ever see your passwords. However, due to the Enterprise nature of this offering, passwords can be reassigned to other staff in the event of your departure. Reassignment requires deactivation of your LastPass Enterprise account.

What if I already have a LastPass account with my Stony Brook University email address?

During enrollment, LastPass will prompt you to convert the existing account to an Enterprise managed one, or to create a new account entirely.

How can I activate the free LastPass Families benefit?

LastPass Families is available free of charge for personal use if you have a Stony Brook LastPass Enterprise account. You and up to five additional users can receive personal LastPass accounts for free, which are entirely maintained and supported by LastPass. These accounts are separate entity from your Stony Brook LastPass account, and support is provided by LastPass.

To activate the LastPass Families benefit, log in and navigate to Account Benefits as shown below.

 

What happens to my LastPass account after I depart Stony Brook University?

Your account will be deactivated, and passwords for shared systems will be assigned to applicable staff to continue your responsibilities. You will lose access to the account, so storing personal passwords in this account is discouraged. For personal passwords, you can use LastPass Premium.

Why would I want to store my passwords in the cloud? Isn't this weakening security?

No, it is far and away an enhancement to security. Your passwords are encrypted locally on your computer before they ever leave it, so neither LastPass nor Stony Brook have access to your passwords in human readable form, or any form which can be made human readable.

The primary benefit of using LastPass is the ability to use unique, randomly generated, passwords on each service. Using the same password, or many variants of one password, is a serious security issue in today's landscape. Using unique passwords for each service is great security practice because if one service experiences a breach, you need not change dozens of other passwords. Users taking full advantage of LastPass don't even know their own passwords to these services, as LastPass stores and auto-fills them.

Additionally, LastPass Enterprise (and even the personal Premium version) is protected by Duo Two-Step Login, so even if your LastPass password is compromised, an attacker will still not be able to access your passwords.

Are there Password Manager Guidelines to follow?

Password Manager Guidelines

When used properly, encrypted password managers can increase convenience and reduce risk by eliminating the need to reuse passwords or rely on weak passwords that are easy to remember. Even so, password managers can potentially expose our accounts to new risks that can be greatly reduced by following the below guidelines.

Do

  1. Use a long (16+ characters), strong (special characters, mixed case and numbers) master password that is NEVER reused on any other website or application.
  2. Enable two-factor authentication (2FA) on your password manager.
  3. Rotate or change your master password if you are concerned that it may have been compromised or once a year.
  4. Enable two-factor authentication for every account you store inside of your password manager.
  5. Reset any password that may have been compromised, or every year if you are unsure.

Do not

  1. Store two-factor authentication seeds in the same password manager as the corresponding password.
  2. Store high risk passwords of accounts that don’t have two-factor authentication enabled.
  3. Store master passwords inside of a password manager.
  4. Reuse your master password for any other account.
     

Additional Information

There are no additional resources available for this service.

Please Contact

Information Security Team