Getting Started with LastPass Business

LastPass Business is now available to UC Berkeley departments for storing institutional account information. LastPass Business accounts enable campus teams to share secrets, credentials, and keys, as well as sharing with other LastPass Business teams at UC Berkeley. Note: Business should not be used to store or share your personal CalNet credentials.

More information about what LastPass is, along with how and why it should be used, can be found at: https://www.lastpass.com/business-password-manager

Getting Started with LastPass Business

Your department will need to assign two or more LastPass Administrators to administer their Business instance. Below are a few requirements that departments need to be aware of before requesting a LastPass Business account. 

• You must use your @berkeley.edu email to access LastPass Business. If you are using your @berkeley.edu email address in any other LastPass account of any kind, you must change the email address associated with your other LastPass account. 

• Follow these instructions to change the email address on the other account: https://support.logmeininc.com/lastpass/help/how-do-i-change-my-email-address-for-lastpass

• Our LastPass Business version allows a user to be in only one Business account. If you are already in an Business account, there will be extra steps to move your account.

• If you are already in an Business account, please email calnet-admin@berkeley.edu for assistance.

• Duo MFA is required for all Business accounts; Duo Push, Duo Mobile passcodes, Security Keys (U2F), hardware tokens, Security Keys (WebAuthn), or Touch ID are acceptable authentication methods. Phone callback and SMS codes are not supported.

• ISO will set up LastPass Business account policies on Business accounts to allow certain account admins to reset master passwords for users in that account. ISO will configure local admins or superusers to be able/responsible for passphrase resets. 

• ISO will retain access in each LastPass Business instance to assist with emergency passphrase resets.

• ISO will configure policies in LastPass Business to forward event logs to ISO.
• Your department or unit will determine who will administer the Business account. Administrators are usually technologists or IT help desk staff who are comfortable taking on the administrative role and understand the requirements and risks.

Once the above requirements are understood, a designated LastPass administrator for your department will need to request a LastPass Business account via the LastPass Business Request Form.