Feb 18, 2013

LastPass Enterprise Gets an Update, Introduces SAML Support

Last week we released LastPass 2.0.20 for all browsers, with a number of great updates and features to help our users get more out of LastPass.

As we mentioned, the latest update to LastPass also includes a number of new features and improvements for LastPass Enterprise. Most notably, the new release includes:
  • Beta SAML support
  • A new policy to send user's security scores to admins
  • "Push sites" capability so a user can take ownership of a data entry
  • Improved Super Admin password recovery
Read on for more information about the new updates:

Beta SAML Support

LastPass has begun expansion of our SAML offering, providing a true Single-Sign On experience in a user's web browser. SAML will allow your employees to access their favorite services without a password. By simply being logged into LastPass, the user will not be presented with a login screen - they can immediately use the apps they need every day since LastPass does the behind-the-scenes authentication for them.

This program is in beta. If your company is using any of the apps we currently support (Google, box, SalesForce, Zendesk, and others), please feel free to initiate a free trial. Once out of beta additional fees will apply should you choose to continue utilizing the LastPass SAML service. More information to come!

Policy to Send Security Score

One of our most popular features, the LastPass Security Check analyzes all of your stored passwords and gives you a score from 0-100 based on the strength of your passwords, the frequency of duplicated passwords, and the use of other LastPass security features.
Enterprise users can now take better advantage of the Security Check by enabling the Security Check policy. Once enabled (in the "Setup" tab of the Enterprise Console, you can select "Add Policy"), the policy allows you to receive the Security Check results for all users in your Enterprise set-up, so you can see who may not be following best practices and make recommendations as-needed. Admins will also see an aggregated score for the organization in Enterprise console home page. Users will also see their score in their vault, so they have a personal reminder to look at improvements.

Push Sites

The new "push sites" feature allows Enterprise administrators the ability to permanently give a site to an Enterprise user. By "pushing" a site to a user, you're giving them ownership of that data entry - it is now stored in their vault.

There are two main scenarios where this feature will be most useful:

1. With our SAML offering, the admin can set up SAML to login to a service (such as google.com) so the users themselves don't have to authenticate, but push sites can be used to have the google.com entry show up in the user's vaults automatically.

2. If a company decides to adopt an online tool and creates a default account for all users,  the admin can push the default site into the user's vaults so that they can change their password on their first login and store the change in their vault. 

Improved Super Admin Password Recovery

Previously, enabling the super admin password recovery policy required that all users reset their master password for a proper exchange of encryption keys. Now, this happens automatically without users needing to update their LastPass master password, allowing for easier implementation of the policy after users have created their accounts.

More exciting changes to LastPass Enterprise, and LastPass in general, are on the way - so keep an eye on our blog for new updates!

The LastPass Team