There are many reports recently of malicious websites and malicious scripts in ads and comments on websites that generate login name and password fields on legitimate sites that trigger LastPass and other password managers to auto-fill with your credentials, allowing the bad actors to literally steal your login credentials, without you doing anything except innocently visiting your favorite sites.
Side note: This is a REALLY GOOD reason to turn on 2-Factor Authentication.
To turn off aut-fill in LastPass is pretty simple, but nearly impossible to find and know how to do with out someone else “in the know” showing you.
- On your desktop browser, open your LastPass vault.
- Click “Account Settings” in the lower left.
- Click on the “Never URLs” tab.
- Click the “Add” Button at the bottom of the dialog box.
- Now, you’ll need to do this 3 times, once for “Never Fill Forms”, “Never AutoLogin”, and “Never AutoFill Application”. Choose “Never Fill Forms”, from the “Type” drop down and then type “all” (without the quotes!) in the “URL” box and click add. Continue for “Never AutoLogin” and “Never AutoFill Application”.
That’s it! From this point forward, LastPass will still work, but it won’t just blindly fill in your login name and password to just any field named “login” or “password”.
Thank you for sharing this article. See this image?
You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.