LastPass & Changes to Google Chrome

By December 17, 2013 Product Updates 63 Comments
The LastPass extension for Google Chrome has been updated today to address significant changes that Chrome is rolling out.

Starting in early January, Chrome is shutting off all extension updates that occur outside of the Chrome web store, in an effort to tighten security.

The update is now posted on the Google Chrome store, and we are automatically transferring over our users – most LastPass users will not need to take any action since the changes are happening behind-the-scenes.

However, some LastPass users may see a prompt for permissions to be granted to LastPass the next time they launch Chrome:

If you see this prompt, please press “Allow”. If you see this prompt, a download will start automatically – we start this download because we detect that functionality was lost in the transfer, and the download allows us to add back this functionality.

Again, most users will not need to take any further action, and the prompts for permission are not a cause for concern.

Our updates will allow LastPass users to continue running the extension without issues when Chrome is updated in January 2014, and we will update our community if any other changes will affect LastPass.

The LastPass Team.


  • nancy john says:

    Chrome are without doubt doing the most innovative stuff on the web these days, in large web literacy war. Great and important work!

    get rid of Security Shield

  • tallguy2270 says:

    I tried to add an attachment, but when I clicked on the paper clip :Last Pass said I needed to install the binary version. I just did that, and now the attachment option doesn’t appear. What do I need to do to do an attachment?

  • Darren says:

    Hi I’m using Lastpass with chrome, recently I am unable to open/edit a Vault entry of form fill entry that I have ticked as require Password prompt. In the past when clicking these entries in my vault, a popup window would open asking me to enter my master password. This popup does not appear anymore.

    Can you please advise how I can fix this.

  • i have this version installed on chrome:
    Version: 3.1.1
    Built: 2014-02-15 07:53:23
    Binary Component: true (Native Messaging version 3.0.15, built Nov 23 2013 14:33:22)

    but lastpass no longer autofills fields, nor can i prompt lastpass to fill, i have to copy and paste everything now manually. what gives?

  • BobN says:

    LPChrome_mac.crx doesn’t work, since Chrome won’t allow extensions to be added externally. So I can’t install the binary version. Opened a ticket on this. Second question: will binary version allow import of my Keychain data?

  • Sun says:


    Re-posting my query which I had posted on 31-Jan-14. Kindly revert ASAP with a fix.

    Am getting the below error message in Last pass plugin in chrome after a cleanup with CCleaner. How do I fix this issue?
    Error code: ERR_FILE_NOT_FOUND

  • Samir says:

    Finally, someone that is having the same issue I am after using CCleaner. It seems after using CCleaner, all the Chrome settings get erased and it logs out of Chrome. So I have to relogin and then it loses the settings on all my extensions and wants to reinstall LastPass. This is a big problem, but seems to be more of a Chrome problem than a LastPass problem. I end up using the vault to get my chrome (gmail) password and then use it to sign in to chrome.

  • Anonymous says:

    Am getting the below error in Last pass plugin in chrome after a cleanup with CCleaner. Hos do I fix this issue.
    Error code: ERR_FILE_NOT_FOUND

  • Kevin M says:

    Hello! I have a bit of a problem that I (after a quick look) didn’t see answered in the comments already. I use 2 different Chrome user profiles a personal profile and a work profile. I have a LastPass account for each work and personal.

    I’ve noticed with the new download that if I log into the extension for my work account on my work Chrome Profile and then go to my Personal Chrome Profile that LastPass is logged into my work account on both. This happens in reverse as well. It used to be that each LastPass extension for each Chrome Profile acted independently. Is there a simple fix I’m missing here?

    tl;dr LastPass extension logs into same account on any Chrome Profile I’m logged into.

    • Amber Gott says:

      Hi Kevin: In the LastPass Icon > Preferences > Advanced, in each profile, uncheck the ‘share login state’ option. Then try again – does it work the way you’d prefer now?

    • Anonymous says:

      Thanks so much for this tip, this was driving me crazy.

  • Anonymous says:

    How does LastPass compare with 1Password on a MacBook Pro retina using chrome browser?

  • windhorser says:

    Same problem as above…I lost my fingerprint log-in with the Chrome update. The fingerprint reader works for other programs, and for windows and user log-in, but it’s broken in LastPass. I get the request to swipe fingerprint, and immediately after that is done the password sign-in screen pops up. So I type in the password, which eventually becomes a nuisance because it’s a very secure password and not easy to type.

  • UM… when I enabled that “upgrade,” a few different extension viruses by Spigot were added to my Chrome browser. I removed Chrome, reinstalled it, and got rid of the malware using Malwarebytes.

  • Anonymous says:

    how can i get the lastpass icon on my google chrome toolbar?

  • حازم says:

    sadly i lost fingerprint log-in feature , although it works in firefox , uninstall lastpass and the extension and reinstall didn’t help me also i press allow when the pop-up appears but in vain, any suggestion

  • Anonymous says:

    On May 16, 2011 you stated clearly in a blog post that you would have “Several security reviews per year and that you would share those results with the public”. What’s happening with that?? I feel like your security has become a mess because of how defaults are handled for browser extensions as well as all the different browser’s you’re trying to support and methods to get your days inputted. Also, Android users should be told that every app they have installed has access to the clipboard without any additional permissions – so in other words your clipboard feature is HORRIBLE.

  • John Taber says:

    I am getting this today. Any reason why?

    No webpage was found for the web address: chrome-extension://hdokiejnpimakedhajhdlcegeplioahd/lp_toolstrip.html?browseraction=1
    Error code: ERR_FILE_NOT_FOUND

  • LaNMaSteR53 says:

    I see that installing the binary component adds certain functionality, but what does allowing native communication do if we do not install the binary component? Is there a way to go back and disable native communication if we chose to not install the binary component? I can’t find an option to do this within the preferences. Thank you.

  • Lastpass app for Windows Phone 8 saves few minutes of my precious time every day. I am addicted to this app.
    Thanks lastpass developers.

  • Will says:

    This doesn’t entirely make sense. If LastPass is moving everything to the Chrome web store, then why are we being asked to download a binary executable outside of the Chrome web store?

  • Rob says:

    I’m sorry, but I don’t understand this blog post. I received the “additional permissions” prompt (but only today, four days after this blog post), and clicked “allow”. Chrome then downloaded a Windows executable file (lastpass.exe). What does this file do, and why do I need it? Anyway I don’t have administrator access on my work computer, so I can’t run it. Will my access to LastPass be affected?

  • Anonymous says:

    The install closed all my Chrome windows and they weren’t restored on restart. Irritating as I had lots of research open. Love the product but the communication of these changes to users has been BAD.

  • Anonymous says:

    What had me confused with this update was that I never installed the binary component on my computers before and I only ever installed the Chrome extension (not the app), yet this update asked me to install the binary component. I clicked Allow for the request to add additional permissions, but declined to download the binary component. Please explain for my use case

    1) why I was asked to download the binary component?
    2) do I need to download the binary component?

    Thanks, and please try to communicate such changes better in the future.

    • Amber Gott says:

      Apologies for the confusion; you do not need to download the binary component. We default to asking to install it because it makes LastPass faster and allows us to provide extra functionality (see above) – you can leave your set-up as is. Let us know if we can address further questions or concerns.

  • Anonymous says:

    Clicking ‘Install Binary Component’ on LastPass Icon > Tools > About just downloads a zip file. Is it expected nothing more happens? The zip file contains a Installer program, that gives an error when executed: ”Browser extensions installation failed, please see /tmp/lpinstallstatus”. But no such file exist.

    On LastPass Icon > Tools > About it still says that no binary component is installed.

    This is on a Mac (Mavericks)

  • JohnSiple says:

    Last Pass is difficult if one does not read every detail in the “How to” rulebook.
    I have found over the past few years it is wonderful when it’s working right, but a handfull of times over each year I go mad attempting to access my account (Premium).
    The only way to ‘talk’ to them is by email, which is only a day or TWO fast, and by that time, well, you know what it is like when you cannot access a password.
    It continually tells me I have the same password for a few different websites, but e.g.: Amazon, Audible, and Kindle all REQUIRE one password.
    There ya have it.

    • Amber Gott says:

      We’re sorry to hear that, John – we do prioritize Premium support tickets with faster response times. However we’re happy to be of help if you’re still seeing problems. I’ve noted these sites for testing. Let us know if we can be of further help?

  • Anonymous says:

    I downloaded the native program, but it installs extensions for all browser. I don’t want this. So I guess my question is do I need to program for LastPass to work? I though everything was done in javascript, why does LastPass need to run any normal programs on my computer?

    • Joe Siegrist says:

      Binary features like filling in HTTP Auth / Basic Authentication sites are why it’s necessary, if you don’t need those features you can avoid installing it.

    • ndr says:

      that’s good to hear. Please don’t make a native part mandatory – some of us using the company provided computers will be forced to choose whether to use it, then. unfortunatey I can’t really “legally” have this plugin extension installed.

  • Anonymous says:

    I guess the big question is, WHY? Why does LastPass need to update itself outside of the Google Chrome Store? Why do we need yet one more bit of software that needs to skirt around the sandbox because it says it knows better?

    According to the blog you linked to, apps are not effected. There is an app in the Chrome Store, but you recommend the extension, so you are intentionally shooting your own foot.

    What is so bad about doing your upgrades via the Chrome Store?

    • Joe Siegrist says:

      We are now doing all upgrades via the Chrome Store going forward, this change was to facilitate that.

      Regarding the App versus Extension — unfortunately we have a company violating our trademark as an App — and Chrome’s store lists Apps before extensions (rather than how it should sort — by popularity). So we made the App to ensure people see us when they’re searching for LastPass and know which to install.

    • This seems to be an even bigger problem. Is these a bigger article on this? How can people recognize the incorrect one? Where are things at to have that App removed from the Chrome Store?

      concerned… very concerned

  • Martin Ellis says:

    I didn’t install the downloaded file. Clicked away by accident as had multiple windows open. Should I reinstall?

    • Amber Gott says:

      You shouldn’t have to do a full reinstall. As long as LastPass is still installed you can click the LastPass Icon > Tools > About, and click the “enable native messaging” link. The download should start again, and once complete you should be all set – let us know if you see any trouble.

  • Anonymous says:

    What happens if you hit deny by accident

    • Amber Gott says:

      Go to your LastPass Icon > Tools > About – hit enable native messaging – it should allow you to complete the download.

    • Robert Orbin says:

      When I go to your LastPass Icon > Tools > About Mine says “Version: 3.0.20
      Built: 2013-12-16 22:21:02
      Binary Component: false (Native Client only)” with a link to “Install Binary Component.

      What action should I take?

    • Amber Gott says:

      Please select the “install binary component” link – are you then able to complete the download?

    • Robert Orbin says:

      I think I’m all set now. It now says Version: 3.0.20
      Built: 2013-12-16 22:21:02
      Binary Component: true (NPAPI version 2.5.5, built Oct 31 2013 14:11:45)

      Is this correct?

    • Amber Gott says:

      Yep, that looks correct, as long as you don’t see an “enable native messaging” button.

    • Anonymous says:

      I dont want to install the Last Pass software on my PC. I share a PC with my family under 1 account and I dont want extra software. Will this still work as normal otherwise? Like it used to.

    • Amber Gott says:

      Yes, you can continue running it as-is, if you have no need for the extra functionality.

    • Anonymous says:

      What are some examples of the EXTRA functionality?

    • Amber Gott says:

      The binary component adds the following functionality:

      Idle timeout
      Copy Username/Password/Notes to clipboard (not supported on Linux)
      Faster encryption and decryption
      Share login state between other browsers (not supported on Safari for Windows)
      Fingerprint authentication (not supported on Mac OS X or Linux)
      Smart card authentication
      Import from a file
      Export to a file
      Import Wi-Fi passwords (not supported on Linux)
      Export Wi-Fi passwords (not supported on Mac OS X or Linux)
      Import from Safari and Opera Password Managers
      Add attachments to secure notes

    • Haggy says:

      There are three problems here. First, it would’t happen “by accident” but would happen when a user cancels so he/she could research this and get back to it. Second, the FAQ now addresses it, but says that canceling will keep the prompt from coming back, rather than having this explanation. And third, this should not be buried in the comments, but part of this post itself.

      The ONLY fair assumption here is that a person who is researching this didn’t know why the prompt appeared and therefore canceled it to research it. That exacerbates the problem since the FAQ entry is one that does nothing to solve the problem, and does not end the research but starts it all over again.

    • You are a TRUST company. Don’t give us a reason not to trust you. Communication is critical around change. With all of the Social Engineering and Phishing scams out there, you need to understand that we don’t give trust freely anymore. Please ensure that you provide information prior to a change in a complete manner where we are likely to see it. Provide the information at the source… Your application that pops up in our face needs to be that vehicle.
      Spend more time on your Communication Plan, as you would with your daily build, unit tests or DR strategies (please tell me someone there knows what these mean!). You services people – we like to know what’s going on with our private & confidential information.

  • Anonymous says:

    Was the LP extension capable of communicating with native applications already? Or is this new functionality that is required because you want to keep LP updated outside of the Chrome Store?

  • ein Mensch says:

    It’d have been nice to display that you need to reset sesame permissions forcefully after the update. Sure had me scramblin’ for my USB device at the office yesterday.

    Didn’t even start the update at home because I know I’d lock myself out — worse still, I can’t log in with my browser right now (using my saved credentials)

    • Amber Gott says:

      Hm, we haven’t seen this in-house – did you have the device mark as trusted, and it prompted you for the key?

    • Anonymous says:

      All my trusted computers required authentication with sesame after the update. Luckily I caught this before leaving with my laptop. The ‘trusted computers’ list in settings still doesn’t identify them with a timestamp so there are multiple identical entries.

Get LastPass Now! Download