Last Pass Sesame, 2-Factor Authentication For Last Pass Premium Users
You know that Last Pass is my password manager of choice. Not to long ago I made the decision to become a premium user, not because I needed additional features like mobile access but because it would support the developers of this awesome product. A premium account sets you back $12 per year, and you get a lot for that money. From priority support over an ad free website to mobile device support, multifactor authentication via Yubikey to LastPass Sesame.
I recently stumbled upon LastPass Sesame by chance. It is a free tool for 32-bit and 64-bit editions of Windows, Linux and Mac operating systems (that's what the help file states, I was only able to find the Windows download on site) that can be used to add multifactor authentication to Last Pass.
It has been specifically designed for USB Thumb Drives and situations where you cannot "trust" the PC you are working on. Ideal for libraries, Internet Cafes, connections via wireless networks and other public places that offer access to computer systems or networks.
Read on to find out how Last Pass Sesame is setup and used. It begins with the authorization of Last Pass accounts in the software. This is done by entering the Last Pass username and password into the authorization prompt that opens on first start.
Each user account that is authorized this way is shown in the main program window. Here it is then possible to click on the Generate One Time Password button to create a one-time password for that account.
Each new account needs to verify participation before it becomes available in the software program. An email is automatically send to the account's email address. The email contains a link that needs to be clicked on to activate Last Pass 2-step verification log ins.
The account from that moment on will be protected by the default username and password, and the one-time password that needs to be generated whenever you want to log into your Last Pass account.
Sesame can be deactivated at anytime. An email with a link to deactivate Sesame is send to the registered email address which again needs to be confirmed (by clicking on a link).
Take a look at the video below to see the whole process in action.
Last Pass Sesame adds a new layer of protection to the account. The procedure is definitely more secure than the standard Last Pass authentication method. That alone should be reason enough to give it a try, especially if you put it on a secure USB stick that supports data encryption.
Last Pass Premium users who would like to give Sesame a try can download it from the official website.Advertisement
“I recently stumbled upon LastPass Sesame by chance. It is a free tool for 32-bit and 64-bit editions of Windows, Linux and Mac operating systems (thatâ€™s what the help file states, I was only able to find the Windows download on site) that can be used to add multifactor authentication to Last Pass.”
Works with Linux,when you visit site through link from article you are taken to a Linux download page.
“The following download item matches your computer’s configuration best. To download another item, view the full list of downloads for your platform.
LASTPASS FOR LINUX, SOLARIS, BSD, ETC”
Goofrey, thanks for the information.
Free version of Lastpass also offers OTP (One Time Password), not as smooth and easy to use but works well on untrusted machines whenever you need it. Just requires to have a list of predetrmined password handy (on mobile device or text file somewhere). For occasional out of home usage, that already a good thing, for more extensive use, Sesame is what you need!
(as often, spot on GHacks ;-) )
I really like that they are offering that many apps and additional tools for Last Pass.
I also use lastpass premium and think it’s great.
Instead of using the sesame approach, I use lastpass with yubikey.