I’m trying to balance ease of use with security on my work computer to use my LastPass vault from a browser extension. I’d like my vault to be inaccessible except when I want to use it. The only way I’ve seen to do that is to set LastPass to automatically logout after N minutes (5 in my case). My master password is quite long, and I’d rather not have to type it in every time I login. So I’ve checked “Remember Password” in the login options. I feel like this might be ok given that it always requires 2FA to complete the login.
- Is this a bad idea?
- How safely is my master password stored?