I was logging into LastPass, the password was accepted, the LastPass icon changed to red (indicating that I was logged in). Then a few seconds later, the icon would change to yellow, indicating the login had expired. Clearly my LastPass settings were off.
I use LastPass as my password keeper. When I log into a new website or change a password on a site, it remembers the login details for me. Next time I go to that site, LastPass will either automatically log in for me, or let me pick which login to use on the site. (I can set my preference in general and for specific sites). Go to my LastPass password keeper and Using Strong Passwords page for making a secure password that you can remember and type.
I have all my passwords in it so I need it working right, and it had worked a long time. (I could use my phone to get the passwords, and I had not tested but probably logging directly in the LastPass.com site would work. I also have the Chrome browser, and LastPass would almost certainly work on that. I was really suspecting this was a temporary problem just on the one browser.) But the browser add-on is really convenient.
One place to check for what might not be working is the LastPass Debug page. It covers what to check “If you’re having problems staying logged in between browser restarts”. For example, making sure your web browser is set to allow cookies for lastpass.com and making sure any script blocker (I use NoScript in Firefox) is allowing lastpass.com.
Firefox Settings for LastPass Cookies
The image above shows the LastPass settings for cookies in Firefox.
You probably have to restart Firefox to have the changes in cookie permissions take effect. After you’ve restarted, login to LastPass and the LastPass Debug page should show that cookies are being properly set.
You can specify in LastPass settings how long your login should be kept in effect. When you login, information is stored in a browser cookie, and the LastPass browser add-on checks that to know when to log you out. It’s good to keep the time your login remains valid short enough that if you leave your computer unattended someone can’t get access to all your passwords (for example, export your LastPass info to their thumb drive!). I have mine set to an hour, and I also remember to log out of LastPass if I’m leaving the house; you adjust the time but I’ll guess at least 5 minutes would be a minimum so you aren’t typing in your long memorable-for-you difficult-to-guess password all the time.
You will however also need to make sure your scripts are running, for example NoScript settings or Norton Antivirus settings might block them.
NoScript Settings for LastPass
Scripts from LastPass.com need to be able to run, for the login status to be maintained across your browsers and if you briefly close your browser.
See the image for the settings I use for NoScript, to allow the browser extension and the website to work properly.
The next place I checked was on the LastPass help forum. “LastPass Logs out EVERY time I close Firefox” seemed like a topic close enough. The first page was from several years ago, and my problem had started less than a week ago. Page 5 had the tip of installing the latest version of LastPass from the LastPass.com site, not from the FireFox Add-ons page. It makes sense that the version of LastPass in the browser add-on repository might be a little older than the version on the LastPass site.
I don’t know if there was a problem with a version of LastPass, or if my fiddling around with other security settings in my browser was the cause of the problem, but the combination of settings for cookies, settings for scripts, and updating the add-on works.