LastPass user guide
LastPass user guide
Embedded Files
As a remote organization with staff based all over the world, one of ACLED’s primary concerns is digital security. All those working for ACLED need to have a heightened awareness of digital security issues and make sure they follow the organization’s digital security guidelines.
In order to protect the login information of our accounts, ACLED uses a password management program called LastPass. LastPass is a password manager that stores encrypted passwords online and the LastPass extension allows for a seamless login experience. The passwords for ACLED accounts needed for your work will be shared with you through this platform. ACLED encourages all team members to also use LastPass for their personal accounts to keep themselves protected!
The following is a short overview of the steps needed to install and correctly use LastPass as your password manager. In case of any issues, please consult this guide and refer to the LastPass website for further information. If the issue persists, please contact the Operations team at operations@acleddata.com, copying your supervisor.
How to Install and Use LastPass?
How to Install and Use LastPass?
Create your LastPass account here using your preferred email address. In case of any issues with that email, make sure to indicate your LastPass email to your RM. If you plan to use your LastPass account for your personal accounts (which as mentioned above, ACLED strongly recommends) then we would recommend using your personal email so that you can continue using the account if your role at ACLED would change.
Create a strong master password for your LastPass account. A good practice is to change your master password every 6 months. Set a reminder on your calendar for password change.
Download the LastPass browser extension. Click here to download the extension and here to see more information about what the extension can do. You must download the browser extension in order to correctly use LastPass with ACLED passwords.
Once you download the browser extension, you must log in using the account you created in steps 1 & 2. To do so:
Click the LastPass browser extension icon in your browser toolbar (on the top right of your screen or under "extensions" - pin the extension to the toolbar). It will be grey if you are not logged in to your LastPass account, and red if you are logged in.
Log in with your username and master password.
Now when you click the LastPass icon, you will be able to open your vault (click “Open My Vault”) and manage your data.
LastPass saves all of your passwords—both the ones you save yourself and the ones shared with you by others—in your vault. To save a password that you created to your LastPass vault following these steps:
In your vault, click on the red circle with a + inside it in the bottom right corner.
Select “Password.” LastPass can also save different types of information, and you may want to save your credit card information or address or other things in your vault. Your LastPass belongs to you, and ACLED cannot access any information in your vault unless you share it. Feel free to save any personal passwords to your personal vault.
Fill in all the information for your password and click Save. Below is an explanation of all the different fields you are asked to fill out.
URL: The exact web address of the login page for the password. If the password fields are located on a separate page from the website homepage, you should put the login page URL here so that LastPass will know to fill in this password on that website.
Name/Folder: A label or a folder for the password that you create to help organize your vault.
Notes: Any notes that are related to that password or website. These will not autofill, and are just for your reference.
Once you create a password in your vault, you can do several things with it.
Click “Launch” to go to the URL associated with that password and use LastPass to log in.
Click the tool icon to edit the password information
Click the people icon to share the password with someone else. When you share the password, you can click a box to allow them to see the password, or not and they won’t be able to view or copy the password you shared. Be sure you are only sharing it with email addresses associated with a LastPass account.
To use LastPass to log in to a website, navigate to the login page of a website. A small grey LastPass icon will appear in the username and password field. Numbers on the side will indicate how many passwords you have in your vault for that website. Click on the icon and then select the password you want to use to log in to the site. LastPass will autofill the information from your vault.
When ACLED shares a password with you, you will receive an email alert to the email address associated with your LastPass account. The email will prompt you to accept the shared password, and then it will appear in your vault. Here are some things to note with respect to shared passwords:
ACLED will often share passwords with you without the password visible. When this is the case, you will not be able to see the password in your vault, but you will be able to use the browser extension. You will only be able to see (and copy) the password if it is deemed necessary for the LastPass share to function.
Sometimes, it takes a few minutes for LastPass to load a password into your vault. If you are unable to launch a password or LastPass does not fill in the login information immediately after accepting a share, wait a few minutes and try again.
Visit this page to get familiarized with the way LastPass functions.
Creating strong passwords using LastPass
Creating strong passwords using LastPass
Building unique and strong passwords can be frustrating - why not explore the password recommendation feature that LastPass offers for free? All you have to do is click on the grey lock sign when creating a new password and LastPass will suggest a randomized password for you.
Please note, that LastPass’s default settings for password recommendations do not meet ACLED’s strong password requirements. However, there is an easy fix: Log into your vault and go to “Advanced Options” on the left side > "Generate secure password" > adjust the settings to 15 characters or more and select that symbols have to be included too.
Some common issues when logging in using LastPass
Some common issues when logging in using LastPass
If you are having issues with your LastPass access, refer to this list and check if you can find your problem here. Follow the checklist step by step to make sure you are following appropriate procedures.
Make sure you have the browser extension installed!
Clear your cache and try again. You can find the instructions on how to clear your cache and cookies if you are using Chrome here and if you are using Safari here. The instructions for clearing cache and cookies in other browsers are available on Google and other search engines.
If LastPass is giving you incorrect login info, it could be that the password manager is filling the login fields with a different account’s login info. Try clicking on the username and password info and choosing the correct entry from a drop-down menu that will appear (see below). Make sure to choose both appropriate username AND password before you click “sign in” as the program sometimes faces lagging problems.
If I want to log in to the Africa email, I have to select “Africa email” for both the username and password – not another email address in my vault.
If that does not work and you can see the password for that specific account in your LastPass, go into your vault, check the login info and fill out the password manually (or copy/paste). ACLED usually does not send visible password information but in cases that you do have the password spelled out, you can try this approach.
Make sure you are launching the website directly from LastPass, as that will take you to the correct page.
Check the URL noted for the account if you are launching directly. In some cases, the URL may be incorrect (can incorrectly fill in when originally created). If it is incorrect, and you know the correct URL, go to that URL and then log in following the approach shown in #1 above. If you don’t know the correct URL and none of the other steps below work, confirm the URL is correct with the Operations team.
Restart your computer and try again.
If you are still having issues, contact the Operations team via email. Make sure to describe your problem, how long you have been having this problem, and note your timezone and when you will be online in the following 24 hours and available to work on the issue.
If the LastPass account you are using is locked out and you cannot recover it, use a different email address to create a new account and send new information to the Operations team, requesting access to the accounts you need again.
What should I do if I have lost my LastPass password?
What should I do if I have lost my LastPass password?
Your LastPass account (even when connected to an @acleddata.com email address) is your private account and no one at ACLED has admin privileges that could help you to recover your password. Please refer to this LastPass website to help you with troubleshooting in case you lost/forgot your master password. There are several account recovery methods to use to restore access to your Vault. Especially the "Have you logged in to the LastPass browser extension at least once from any browser?" section might be relevant since team members were instructed to always use the LastPass browser extension.
If the recovery options do not allow you to recover your master password, you will need to either reset your LastPass account (to keep the same username) or create a brand new LastPass account and re-enter all of your data.
Before resetting your account, get in touch with Operations so they can unshare the passwords before you reset the account as otherwise, a renewed sharing of the same passwords is not possible.
Please be aware that when you reset your account, all of your stored data that is encrypted with your master password is deleted permanently. This includes site passwords, secure notes, form fill items, identities, established multifactor authentication options, and approved trusted devices. Please visit this LastPass webpage for step by step instructions on how to reset your account.
Video: Using Last Pass
Video: Using Last Pass
A guide for creating a Last Pass account and its functionality (3:27 min.)
For RMs: LastPass Procedure for New Researchers
For RMs: LastPass Procedure for New Researchers
As part of onboarding, Research Managers shall discuss the usage of LastPass with the newly hired researchers and its pertinence to the overall security of the organization, as well as instill a sense of security awareness in the new consultants. The procedure for setting up a LastPass account is as follows:
RMs introduce the LastPass to the researchers and share this guide with them as part of the onboarding process.
RMs ask the researchers for an email address they will be using for their LastPass account. This will preferably be the primary email address noted for the researcher in the organization (and the Researcher List) but in case of issues with that email address, the researcher should indicate a different one.
The RM requests login info for Nexis or any other account the researcher might need, sending the researcher’s name, email address and the region, as this will help the Operations team to better determine which accounts the researcher should be using. The RMs should not be sending login info from their own LastPass accounts. All the access info should be provided from the main ACLED LastPass account as it allows for better oversight and allocation of the accounts.
The researchers shall be instructed to consult this guide first in case of any issues with the platform and if the solution is not found, to contact the Operations team directly through email, copying their RM (this is just for RMs reference unless Operations requests assistance).
If your question was not answered or the issue persists, please contact ACLED's Operations team at operations@acleddata.com.
Further readings:
Page updated
Report abuse