Many organizations today are struggling to improve password practices and help employees securely manage access to their web accounts and apps. LastPass, the leading password manager, is helping more than 6 million individuals and over 10,000 organizations solve their password problems.
LastPass is dedicated to making the Internet easier and safer by securely connecting people to their apps and websites, while making it convenient to use strong passwords everywhere. More than 500 colleges, universities, medical institutions, and other higher education organizations are already using LastPass to secure their systems and manage their passwords.
Password Management, Perfected for Higher Ed
Each Internet2 Net+ LastPass package includes unlimited quantities of the LastPass Enterprise and Premium Services. Typically, LastPass Enterprise is deployed to faculty and staff, while LastPass Premium is offered to students, but the choice is yours to make. See the Features tab for more detail.
User accounts for LastPass Enterprise will be provisioned and managed by an Admin through use of the LastPass Admin Console. Upon invite, employees will each create their own Master Password for their LastPass account. They will then store all of their work-related passwords in their account.
Per your preference, employees can link a personal account to their Enterprise work account for privacy and convenience. At the end of their employment, the Admin can delete, disable or remove the employee’s account (based on your internal preference or policy). Regardless, the personal linked account will stay intact and will move on with its owner. LastPass Enterprise offers just the right degree of visibility to identify risky user behavior for targeted education and training, resulting in increased compliance and security for the entire organization.
LastPass Premium accounts are individual accounts that afford no centralized control. Among other great benefits, a Premium upgrade includes use of the LastPass mobile apps for convenient access on the go from any smartphone and tablet. Implementation is easy: upon purchase, relevant email domains can be white-listed, so that all new subscribers will be automatically upgraded to Premium. You can then email, tweet and post the offer everywhere to promote adoption. All a user needs is their school email address to sign up and benefit from this great program.
We encourage you to register for one of our weekly Webinars. [See side bar 'learn more' section for information].
Secure Password Management
> Password Saving
Automatically store login usernames and passwords, so you never forget a password again.
> Password Autofill
Once a password for an account is stored, LastPass automatically fills it in the next time you visit that website or app.
> User Vault
Add, edit, view, delete, and manage everything from an easy-to-use, searchable “vault”.
> One Master Password
Get what you truly want: one password to remember that unlocks access to the rest of your accounts.
> Password Generator
Create strong, random passwords that are different for every website, app, and tool.
> Automated Form Fill
Streamline online shopping and filling out forms with profiles for credit cards, addresses, and other personal details.
> Available Everywhere
With support for every browser and platform, download LastPass to any device to securely manage passwords everywhere.
> Sync Automatically
As a cloud-based service, LastPass automatically backs up and syncs your data, so you can securely log in with the same account everywhere.
> Multifactor Authentication
Add another layer of security to LastPass by requiring a second login step that verifies your identity. Choose from over a dozen supported multifactor authentication apps and services.
Internet2 Net+ LastPass
The features described above are available to users of both the LastPass Enterprise and LastPass Premium packages. Below are some of the important differences between the Services that can help you determine the best fit for your users. Typically, LastPass Enterprise is deployed to faculty and staff, while LastPass Premium is offered to students, but the choice is yours to make.
LastPass Enterprise - Centralized Management Tools for a More Secure Campus
Securely manage passwords at the administrative level for faculty and staff. User accounts are provisioned and managed by an Admin (or team of Admins) through a unified Admin Console. Employees are invited to activate their LastPass account and create their own master password. Accounts can be disabled or deleted by Admins when an employee leaves. Features specific to LastPass Enterprise include:
> Admin Console
Automate user management and track compliance reporting through a unified admin console.
> AD Sync and API Integration
Integrate with Active Directory, LDAP, and custom APIs to automatically provision users and apply policies.
> Single Sign-On (SSO)
Provide secure, federated access management for cloud apps with SAML 2.0.
> Team Sharing
Manage shared access to apps and web logins with Shared Folders and customized permissions for individuals or groups.
> Linked Accounts
Organizations can choose to allow employees to link a personal account to their work account for privacy and convenience. Admins can disable or delete the work account while employees can keep their personal account when they leave.
> Security Controls
Flexible security policies and multifactor authentication options to meet the needs of every organization.
> Mobile Access
Download LastPass to any smartphone or tablet to view passwords and sign in to accounts anywhere.
LastPass Premium for Your Data on the Go
Every individual on campus can sign up for a personal LastPass account using their school email address and then be automatically upgraded to LastPass Premium. LastPass Premium accounts are individual accounts that have no centralized control. Features specific to LastPass Premium include:
> Mobile Access
Download LastPass to any smartphone or tablet to view passwords and sign in to accounts anywhere.
> Simplified Sharing
Collaborate more easily on shared projects by syncing passwords with Shared Folders. Each Premium user gets 1 Shared Folder that can be shared with up to 5 other users.
LastPass utilizes AES 256-bit encryption implemented with salted hashing, along with PBKDF2 encryption keys, to protect and anonymize user data.
All sensitive user data is encrypted and decrypted locally on the user's machine. Only encrypted data is ever synced with LastPass. The user’s master password (their encryption key) is never transmitted to LastPass, so LastPass never has the key to decrypt and access user data. Without the key, the encrypted blob of data remains secure and inaccessible.
FERPA, HIPAA and Research Requirements
FERPA requirements are supported as of service general availability.
The NET+ LastPass program offers a Business Associate Agreement (BAA) in support of HIPAA compliance. Institutions wishing to adopt the BAA with LastPass can do so after signing the Participation Schedule for the LastPass service. Institutions that do not plan to sign the BAA will need to agree not to store PHI in LastPass. Each institution still has the responsibility to implement LastPass (leveraging the tool sets provided) in a manner that is HIPAA compliant. LastPass cannot guarantee that each customer will leverage the appropriate tool sets to configure and implement LastPass to ensure HIPAA compliance. We believe that LastPass can be used in compliance with most research requirements, although the institution should check specifics (especially around FISMA).
The annual price of the Internet2 NET+ LastPass password management service is based on the Actual Campus Size of the institution grouped into one of 11 pricing tiers. The Actual Campus Size tier is determined by the total number of faculty, staff, and students (see below). Look up your institution's numbers in the IPEDS Data Center.
|Actual Campus Size||Annual Fee for
Members of Internet2
|Annual Fee for
Non-Members of Internet2
Each package includes unlimited quantities of the LastPass Enterprise and Premium Services. Typically, LastPass Enterprise is deployed to faculty and staff, while LastPass Premium is offered to students, but the choice is yours to make.
The subscription year is initially based on the 12-month period beginning the first of the month in which your service begins. The first year, you will be billed according to the size of your institution within 30 days of account activation for your first 12 months. Subsequent year renewals will be annual based on your starting (anniversary) date. Your institution may choose to change the billing cycle after the first 12-month period.
Systems can leverage their collective buying power to save even more with the Internet2 NET+ LastPass packages. To buy for the entire System, simply total up the ‘Actual Campus Size’ of each member-institution and map this total to the appropriate tier on the table above. If only select schools choose to participate, then the individual package rates above shall apply based on the individual campus size of each participating institution.
Internet2 Membership/InCommon Participation Status Changes
If your institution is currently not an Internet2 member, but subsequently joins, your institution will be afforded the appropriate discounts upon the next LastPass renewal. If your institution is currently an Internet2 member, but subsequently drops membership, then the non-member rates will apply upon renewal.
Your campus may decide to cancel at any point during the subscription year which will cancel the automatic renewal at the end of the calendar year. No refunds are provided for during the current year of service; however, you will have until the end of the subscription term to migrate data out of LastPass as necessary. Upon termination, the university can delete all user accounts at their discretion. Barring deletion by the university, the Premium accounts will remain available to their owners, will automatically convert to LastPass Free accounts, and all Enterprise features will be deactivated.
LastPass has an extensive library of tools available to help educate buyers and users about the services. We encourage you to check them out (see sidebar "learn more" at the right).
Who is LastPass and what services do they offer?
What is the relationship between LastPass and Internet2?
Where will our data be stored, and who will have access?
My campus needs a business associate agreement to use LastPass. What should I do?
Eligibility and Enrollment
Do I have to be a direct Internet2 member to sign up for the Internet2 NET+ LastPass service?
How does my institution sign up for the service?
Can a portion of my institution sign up (for example, a business school, medical school, or even a single department)?
What happens if I already have a LastPass account?
What happens when an account holder leaves the organization?
LastPass Enterprise: Upon termination, the university can delete all Enterprise end user accounts at their discretion. Barring deletion by the university, the accounts will remain available to their owners, will automatically convert to LastPass Free accounts, and all Enterprise features will be deactivated.
How do I get a copy of the information security policy?
Why is LastPass not connected directly to the Internet2 network?
Why is LastPass not using InCommon Federation?
Do you have an advisory board for the NET+ LastPass service?
Do you have something I can give my procurement department?
How do local IT departments deploy LastPass for their individual department?
What are the support response times?
What if I need more than 14 days for a trial?
Features and Security
For questions regarding features and security, please see our Features tab.
Cost and Terms
For questions regarding cost, terms of agreement and billing, please see our Fees tab.
To subscribe to LastPass:
- Review the service offering and fees on the tabs above.
If you have any questions, please contact us at: firstname.lastname@example.org
- Review the Participation Agreement and Service Schedule
- Click here to sign up for LastPass.
Please note, by starting this participation application, you are not required to sign the agreement and will be able to send the agreement via DocuSign to the appropriate party/parties on your campus for signature. The first step does say "Begin Signing", but that means to start the signing process. During the process, you can choose the "Other Actions" option to assign it to someone else for review or signature.
NOTE: Internet2 uses electronic signatures for legal contracts, unless state law mandates otherwise.