Lastpass Identity Protection

  1. Lastpass Identity Protection

LastPass Identity: LastPass Identity combines the features of LastPass Enterprise and LastPass MFA and provides a holistic view of end-user activity from a single dashboard that covers passwords, authentication, and all apps in use. Product Architecture The LastPass service features a vault, in which sensitive user data is stored and, based on. LastPass offers credit monitoring alerts for all LastPass paid subscription plans for users in the United States. The service provides real-time protection, notifying users who enable the feature via pop-ups and email alerts if their credit report suddenly changes. Multifactor Authentication is a security feature that can be enabled for protection against unauthorized access to your account. If you're using a personal device that is only used by you, and you follow general security best practices (e.g., run anti-virus service, avoid accessing suspicious links, etc.), you can choose to 'trust' your device, which skips the Multifactor Authentication prompt.

HELP FILE

Symantec Endpoint Protection App Integration

Set up an app integration so that your user can sign into this app using the same credentials that they use for LastPass.

Part 1 - Add the SSO app to LastPass

  1. Log in and access the LastPass Password Manager Admin Console by doing either of the following:
    • While logged in to LastPass, click the active LastPass icon in your web browser toolbar, then select Admin Console in the menu.
    • Log in at https://lastpass.com/company/#!/dashboard with your admin username and Master Password.
  2. In the left navigation of the Admin Console, go to Applications > SSO apps.
  3. If you have not previously added SSO apps, click Add your first SSO app. Otherwise, click Add Application in the upper-right navigation.
  4. Under the 'Select your app' section, choose one of the following options:
    • If your app is in the catalog, click the app name to select it.
    • If your app is not in the catalog yet, click on the Custom tab and enter a name in the App Name field.
      Note: If you add a custom app, you must click on the Service Provider section provide the ACS URL before you can save the app. You can find the ACS data from the app's Service Provider metadata or website.
    • If you want to copy the configuration of an app you have already set up, click the Copy tab then select the app from the drop-down menu.
  5. Under Identity Provider, the following items are listed, which you can copy and paste to a text editor application if needed:Option
    Description
    Entity ID (for LastPass)https://identity.lastpass.com
    SSO End Pointhttps://identity.lastpass.com/SAML/SSOService
    Logout URLhttps://identity.lastpass.com/Login/Logout
    CertificateDefault is selected, or select another
    Certificate FingerprintCustom
    Certificate Fingerprint (SHA256)Custom
  6. Optional: If needed, you can click the Download icon to download and save the LastPass Certificate (TXT) and/or Metadata (XML) files.
  7. Open a new web browser window or tab to proceed with the next steps.
Identity

Part 2 - App Configuration

Open a new tab on your browser and log in to your Symantec Endpoint Protection account. Then, f ollow the instructions to configure the SAML SSO for Symantec Endpoint Protection Cloud.
Lastpass

Part 3 - Finalize the Symantec Endpoint Protection SSO App Configuration

  1. Return to the LastPass Admin Console.
  2. On the LastPass Admin Console web browser window or tab you left open as the last step in Part 1, locate the Service Provider settings.
  3. Under Service Provider, enter the following:Option
    Description
    ACS (i.e., Post Back URL, Reply URL, or Single Sign-On URL)This is the URL to which authentication responses (containing assertions) are returned. If you added a Custom app, the ACS information is required in order to save the app.
    Entity ID (i.e., Issuer ID or App ID)This is the Metadata URL of the Service Provider.
    NicknameThe name of the app how it appears in the Admin Console (and Cloud Apps, if your users have a LastPass password management Vault).
  4. Click Save when finished.
  5. Optional: Under the Advanced Setup section, you can add any of the following customizations:
    • Role
    • IDP (custom)
    • Relay State (custom)
    • Identifier (choose from Email, Secondary Email, User ID, Groups, Roles, or CustomID - by default, Email is selected).
    • Step Up Authentication - Check the box to enable the use of the LastPass MFA app when signing in to your app.
    • SAML Signature Method - Check the box(es) for using SHA1 and/or SHA256.
  6. Optional: Under Custom Attributes, you can add various SAML attributes (learn how to create them here). If you have already created custom attributes, you can use the drop-down menu and choose from the following options:
    • Email
    • Secondary Email
    • User ID
    • First Name
    • Last Name
    • Groups
    • Roles
    • CustomID
    • Constant value
  7. Optional: If desired, check the box(es) to enable any of the following settings:
    • Sign Assertion
    • Sign Request
    • Sign Response
    • Encrypt Assertion
  8. To add more attributes, click + Add SAML Attribute, then use the drop-down menu to make your selections.
  9. Optional: If desired, click Choose File to upload a Partner Certificate.
  10. Click Save and assign to begin selecting users to assign. Otherwise if you have already saved the app, click the Assign Users icon for your app.
  11. You can assign new users or groups, or manage those already selected by doing either of the following:
    • To assign new, select the User or Group tab, then locate and click to select.
      Tip: You can deselect by clicking on the user or group again, or click Remove All to remove all selected users.

    • To manage selected, click the Selected tab to view all users and groups already assigned. If desired, click the Delete icon to remove users or groups.
  12. Click Save when finished.

    Result: Your SSO app is now configured! The LastPass users you assigned to this SSO app can now log in and access the app using their LastPass account.

HELP FILE

Lastpass Identity Protection

About LastPass Premium Credit Monitoring

The LastPass Premium Credit Monitoring service offers more comprehensive protection for your identity. While the LastPass Credit Monitoring alerts you that changes have happened that could affect your credit report, the LastPass Premium Credit Monitoring service provides intricate details of why your credit changed and how you may go about investigating and resolving unauthorized credit changes. Suspicious issues are, with your approval, investigated, unauthorized activity stopped, and records restored by a team of experts at no additional charge.

Limitations and restrictions

  • LastPass Premium Credit Monitoring is not available to LastPass Free users.
  • LastPass Premium Credit Monitoring is a separate add-on service (additional $9.95 per month) that can be purchased by users with a paid subscription plan for LastPass (see below for benefits)
    Note: The Premium Credit monitoring service is not included with a LastPass Premium plan purchase.
  • In order to enable LastPass Premium Credit Monitoring, you must first enable LastPass Credit Monitoring
  • Both the LastPass Credit Monitoring & LastPass Premium Credit Monitoring services are only available for addresses in the United States.

Why should I use LastPass Premium Credit Monitoring?

  • Full access to your three credit reports from the three major credit bureaus (not just TransUnion), including being able to see your credit scores.
  • Regular monitoring of all three of your credit reports.
  • Instant alerts to any changes that occur on any of your credit reports, with detailed information on what changed and how to take action.
  • Refresh reports displayed in the credit monitoring dashboard every 30 days.
  • If you prefer not to go through the hassle of getting your free annual credit report, as validated by the Federal Trade Commission (FTC), or want more information on a timely basis throughout the year.
  • Full-service resolution in the event that your credit information is corrupted as a result of identity theft.

The full Terms and Conditions for LastPass Credit Monitoring & LastPass Premium Credit Monitoring services can be found here , and the Privacy Agreement can be found here.

Related Articles

Lastpass Identity Protection

  • How do I enable LastPass Premium Credit Monitoring?
  • LastPass Credit Monitoring and Premium Credit Monitoring FAQs
  • How do I cancel the LastPass Premium Credit Monitoring service?