You know that Last Pass is my password manager of choice. Not to long ago I made the decision to become a premium user, not because I needed additional features like mobile access but because it would support the developers of this awesome product. A premium account sets you back $12 per year, and you get a lot for that money. From priority support over an ad free website to mobile device support, multifactor authentication via Yubikey to LastPass Sesame.
I recently stumbled upon LastPass Sesame by chance. It is a free tool for 32-bit and 64-bit editions of Windows, Linux and Mac operating systems (that's what the help file states, I was only able to find the Windows download on site) that can be used to add multifactor authentication to Last Pass.
It has been specifically designed for USB Thumb Drives and situations where you cannot "trust" the PC you are working on. Ideal for libraries, Internet Cafes, connections via wireless networks and other public places that offer access to computer systems or networks.
Read on to find out how Last Pass Sesame is setup and used. It begins with the authorization of Last Pass accounts in the software. This is done by entering the Last Pass username and password into the authorization prompt that opens on first start.
Each user account that is authorized this way is shown in the main program window. Here it is then possible to click on the Generate One Time Password button to create a one-time password for that account.
Each new account needs to verify participation before it becomes available in the software program. An email is automatically send to the account's email address. The email contains a link that needs to be clicked on to activate Last Pass 2-step verification log ins.
The account from that moment on will be protected by the default username and password, and the one-time password that needs to be generated whenever you want to log into your Last Pass account.
Sesame can be deactivated at anytime. An email with a link to deactivate Sesame is send to the registered email address which again needs to be confirmed (by clicking on a link).
Take a look at the video below to see the whole process in action.
Last Pass Sesame adds a new layer of protection to the account. The procedure is definitely more secure than the standard Last Pass authentication method. That alone should be reason enough to give it a try, especially if you put it on a secure USB stick that supports data encryption.
Last Pass Premium users who would like to give Sesame a try can download it from the official website.
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.