Aug 25, 2011

New LastPass Enterprise Feature: Link Your Personal Account to Your Company Account

We've added a new feature to LastPass Enterprise that allows you to link your personal LastPass account to your Enterprise LastPass account, making it even easier for you to maintain a workflow between the two!

Take the following scenario. You've been a LastPass user for a while, and are loving the convenience and security it adds to your digital life on a daily basis. You start thinking about how disorganized your office is when it comes to passwords - always tracking someone down to get that login, trying to find the Post-It that someone tacked to the community board with the pin to that program...And that's when you suggest LastPass Enterprise, the SMB solution to password problems!

But once you convince your company to give LastPass a go, you may run into the issue of keeping your current, personal account separate from your newly-created Enterprise account. However, you also don't like the idea of managing two different LastPass accounts. And that's where Linked Accounts comes in!

Our new option to "Link Personal Account" allows you to integrate your personal account with your Enterprise account, without mixing your personal data with your business data.

Getting set up with Linked Accounts is easy. Just login to lastpass.com with your Enterprise account. Once you're logged in, you can click on the "Link Personal Account" link on the left-hand Actions menu:

When prompted, you can then login with your personal account. And voila! Your personal LastPass account will now appear as a sub-folder in the vault of your Enterprise account, and you will be able to view, edit, and login to your personal sites as usual.

Whatever company policies have been created by your organization for LastPass Enterprise will be applied to that sub-folder when you are logged in via your Enterprise account. However, you can still login separately to your personal account, and those Enterprise policies will not be transferred over, nor will the login activity for the sub-folder or your personal account be reported to the Enterprise Admin. Any updates you make to the sub-folder will automatically be pushed back to your personal account.

More great LastPass Enterprise updates are on the way. Try adding your LastPass account to your Enterprise account today - and if this has held you back from starting a trial for your company, check out LastPass Enterprise to see if it meets your company's needs!

Thanks,
The LastPass Team

30 comments:

  1. Does sound like a good idea... though I don't think the idea quite solves my qualms. I would've preferred it the other way, where I'm logged into my personal like usual, but I can link a separate enterprise account to that, so I have access to the enterprise account.
    This solves the horror of turning a personal account into an enterprise user and ending up giving the enterprise admin the ability to delete your personal account off LastPass. But doesn't sound like a very nice way to do things for people like me who use their personal stuff mostly and don't want to have to switch to the enterprise account, but also mix personal and work time heavily. If I used this I'd be liable to accidentally start dropping my personal logins into my enterprise account.

    ReplyDelete
  2. This sounds like a really dumb idea, never mix business with pleasure. Good try but no.

    ReplyDelete
  3. Love the new feature, having the ability to link the accounts will be very useful. However, it seems like after they are linked, if you're logged in using the enterprise account, you can't save any new sites into the linked personal account. You also can't share the sites you already have saved in the linked account, and I don't see any way to copy a saved site from the linked account to the enterprise account.

    Like your example above, i've been using lastpass on my personal account for some time, and am more recently using lastpass enterprise as well. I have lots of work accounts saved in my personal lastpass account. There should be an easy way to copy those profiles over to the enterprise account.

    ReplyDelete
  4. @Steve --

    You should be able to save sites to your personal account (by changing the group to match that folder name).


    We will look into sharing and moving sites out of personal to enterprise, it is on our TODO.

    Thanks for the comments.

    ReplyDelete
  5. Thanks guys awesome to see this feature up.

    ReplyDelete
  6. @Dantman

    I agree, I would prefer it to work the other way around as well. Also consider, it would allow you to link your personal account with multiple companies that way which may be useful in some scenarios. I linked my account, but as soon as I realized it suddenly gave my company's account full access to all my personal passwords (including login history) and the ability to delete the account, I turned it back off immediately.

    ReplyDelete
  7. I agree with steve, it would be nice to copy saved accounts from personal to business. I also have a ton of business accounts in my personal lastpass.

    ReplyDelete
  8. Same here. The other way around makes much more sense.
    Could we expect this in the near future?

    ReplyDelete
  9. I agree with everyone here. The linkin should be done from your personal to business. I really don't want to see my private logins at work, but I often need my business passwords at home.
    I think very few people would like to by mistake reveal all their personal passwords at work which is a very possible risk in the current implementation of linking.

    ReplyDelete
  10. I agree with everyone above. Reverse the process. As a network administrator, I do not like having the ability to reset someone's corporate password and having access to all of their personal accounts.

    ReplyDelete
  11. Thanks for the comments.

    The main reason why we only allow linking your personal inside your business is to ensure we continue to enforce policies set by the company administrators.

    Generally speaking, if we tried to enforce these policies when you log into your personal account (since you have full access to your business account), it could introduce login problems (e.g., IP Restrictions could prevent you from logging in from home) or might impose on you policies that you do not want (e.g., Idle timeout or restrict mobile).

    Mainly for this reason, we feel it doesn't currently make sense.

    ReplyDelete
    Replies
    1. Currently trying out LastPass Enterprise and this feature does feel like it's backwards. I do agree with other posts that Personal accounts should have the ability to link in multiple Enterprise accounts.

      With respect to policies I suspect it is technically difficult to manage policies at the folder level. Especially if multiple Enterprise accounts were represented as folders in your personal account.

      But I still think it makes more sense. The point of having LastPass is to have the one last password ever. Ironically this scenario requires me to have one for Personal, and others for any number of Enterprise accounts you may belong to.

      Delete
  12. Bob,

    You really do have it the wrong way around. ... Perhaps you could elaborate on your reasons given above for implementing it the way you have, where the employer can see and delete linked personal accounts, as they don't make sense to me.

    Thank you
    Jesse

    ReplyDelete
    Replies
    1. Hi Jesse,

      Employers can neither delete nor view your personally linked account.

      Bob

      Delete
  13. We want to share one shared folder with a contractor (system admin) that works with many other companies besides ours. They need to link their personal LastPass account to our Enterprise account so they can access our shared folder data. However, they will need to link it to other companies' Enterprise accounts as well, obviously.

    How do they do that?

    (The alternative doesn't work: once the secure note is inside a shared folder, it is impossible to share it with individual users. We tried that.)

    ReplyDelete
    Replies
    1. Hi Kevin,

      The best option is to make copies of the secure note, to be added to multiple shared folders if needed. The contractor may also need to make multiple accounts, since they can only link their account to one Enterprise at a time. Let us know if we can be of further help.

      Best,
      Amber

      Delete
  14. the vault interface has changed from the one pictured in this article, and there is no option on the left for 'Link Personal Account'. i'd really like to do this but i can't find the option in the new interface at all.

    ReplyDelete
  15. nevermind, it's not in the vault

    ReplyDelete
    Replies
    1. Hi Ren: The linking option is currently only visible in the online vault. Please login as www.LastPass.com, and select the "linking" option in the left-hand menu. Let us know if we can be of further help.

      Delete
  16. This is great BUT Form Fill Profiles do not get excluded, making it pretty useless to me as now I have to sign out and back into my personal account in order to fill in forms.

    Another one, I don't seem to be able to set it to save to my personal folder by default, meaning a bunch of sites keep getting saved to my enterprise account - not ideal.

    ReplyDelete
    Replies
    1. Hi Martin: Thanks for the feedback. Unfortunately there are some significant technical hurdles for making form fill profiles visible with linked accounts, but we hope to support it in the future. It sounds like there may be an Enterprise policy prohibiting updating your personal account, if you see ongoing problems with this please reach out to the team: https://lastpass.com/supportticket.php so we can take a closer look.

      Delete
  17. will my employer be able to login with my passwords if i link the accounts together??

    ReplyDelete
  18. Hello,

    I have multifactor authentication enabled on my personal account, and when I try to link my personal account to my enterprise account, the multifactor authentication window that comes up doesn't work, and it only has a link to disable multifactor authentication if i lost my device.

    I don't want to have to disable multifactor authentication on my personal account.

    Please advise.


    ReplyDelete
    Replies
    1. Having the same issue. Any ideas?

      Delete
    2. Which browser and which multifactor authentication option? May be best if reported to the support team: https://lastpass.com/supportticket.php with full details and steps to reproduce, and we can investigate further.

      Delete
  19. There are strict deadlines for the filing of the annual company accounts imposed by the HMRC and the Companies House.
    We can help with the selection of a suitable accounting package, its implementation and the bookkeeping to prepare company accounts and facilitate their preparation from the company’s basic financial records.

    ReplyDelete
  20. I have LP personal and on my phone and i love it. I convinced two companies so far to PURCHASE the enterprise edition. I linked my account the very next week and i then went into the office and started working. I logged into the Ent account and it was cool, i could see and use both. BUT i had NO IDEA that the enterprise admin then had full access to all my personal entries even if i did not share them.

    this feature would be GREAT if you could use both accounts, and by default, all your personal account data is BLOCKED from the enterprise users unless you share them or move them to the corporate account. I had secure notes with credit card data, and personal banking info, and all of the sudden the sysadmin told me he had all my stuff and could login to my accounts.

    ReplyDelete
  21. Several ideas:
    1) We need more shared folders for the LastPass Premium account. For example, I may want to share the garage door keypad number with my sister but not the info to my Netflix account. Or I may to share my child's school credentials but not have her change them. Right now, there's only one folder, which makes these scenarios a mess.

    2 ) I considered purchasing an Enterprise account for my family members to get the additional shared folders, though really, we need a Premium Plus plan, not an Enterprise plan. Because now we did convince our company to try the Enterprise version, but if I purchase an Enterprise account for my family I can't link it to my work Enterprise account.

    3) The mobile app needs to allow logging into BOTH a personal account and an Enterprise account. My Enterprise master password is longer and more complex than my personal one which makes it harder to use on a phone. So...have icons in the app (easiest for user) or a dropdown (less easy for user but sufficient) to select the account and then login to whichever one is necessary. I can use 2 browsers to manage my personal/Enterprise from the desktop but not the phone. And right now I'm having trouble linking my personal acct to the Enterprise one because it is having issues with the private key. Honestly I'd probably rather keep them separate entirely.

    ReplyDelete
    Replies
    1. Or two enterprise accounts, for that matter. For the use case where the other person had a secure note in a shared folder and couldn't share it to the contractor, making multiple copies of the same credential set is an utter fail. Keeping them in sync between copies will be impossible to manage and result in errors and folks having shares when they no longer should because someone will forget how many times that credential was copied.

      Delete
  22. UGGGHHHH! And now I logged out of my personal acct on my phone and logged in with the enterprise account and got an email on the enterprise account that my free 10 day trial started! I PAID FOR PREMIUM on my personal acct. WHY would an enterprise acct require a user to pay for the app again?!? So if I log into my enterprise account with my linked personal acct, my premium app no longer applies? Someone didn't think this through well enough.

    ReplyDelete