Oct 6, 2010

LastPass How-To: Replacing a Site's Old Password with a LastPass Auto-generated One

So you've run the LastPass Security Challenge and now you know which of your passwords are "weak". You also know that replacing your old passwords with ones that you've auto-generated with LastPass will help you better protect your accounts.

Wondering what the next steps are?

LastPass tries to make it as painless as possible to replace old passwords. We’ll use a demo Gmail account to show you how to update the password for a site that you've already stored in your LastPass Vault with a new, randomly generated password.

Open the Site's Personal Settings

To begin, login to the target site and access the account settings or preferences page where you can change your password. In the case of a Gmail account, we have to go to the 'Personal Settings' section:

When you launch the ‘change password’ page, you will usually be asked to enter your old password and then a new password twice.

Fill Your Current Password

When you focus on the ‘Old password’ field by clicking on it, LastPass will prompt you with a notification bar. Select 'Fill Current' to fill in the current password you have stored for the site:

Generate a New Password

After clicking ‘Fill Current’ and autofilling your old password, you can then click ‘Generate’ from the same notification bar to create a random, unique password.

LastPass will pop a dialog box, where you can even click "Show Advanced Options" to specify the number and types of characters the new password should include:

Click ‘Accept’ to store the newly generated password in your LastPass Vault.

Autofill the New Password Fields

By clicking "Accept", LastPass also autofills the ‘New password’ and ‘Confirm new password’ fields with your newly generated password:

Save Your Password Update

Now click ‘Save’ on the website to submit the changes to your account. After clicking ‘Save’, LastPass will prompt you to either ‘Confirm’ that change or ‘Save New Site’:

By clicking on ‘Confirm’, you will tell LastPass to swap the new, generated password for the old one stored for the site. ‘Save New Site’ creates an entirely new entry for the site with your previous username and the new, generated password, while leaving the old site entry, with your username and previous password, intact.

If you choose not to 'Confirm' or 'Save New Site', the generated password will have its own entry in your Vault and you can manually replace the old password in your site entry.

The next time you login to your site, LastPass will autofill with the new, generated password. Now you really have no excuses to up the strength of your stored sites!

Have more how-to article requests? Send us a note at support@lastpass.com with your idea, and we may just cover it!