LastPass at Michigan Medicine

Service Description 

LastPass is an opt-in secure password manager available to members of the Michigan Medicine community that can store your usernames and passwords for Michigan Medicine purposes in one safe place, called a vault. After you save a password to your vault, LastPass always remembers it for you. When you need to log in to a website, LastPass enters your username and password for you. U-M is pausing new LastPass account provisioning while we work with our vendor to expand this service across the organization. Current U-M LastPass users should see no service changes while contract negotiations are underway. New LastPass account requests will be announced in the near future.

Compliance 

LastPass at is a secure password manager that stores all of your usernames and passwords in one safe place. LastPass uses 256-bit AES encryption. Only the encrypted data travels over the internet to LastPass servers. LastPass does not have access to any of your passwords, including your master password.

  • Not for personal use; for enterprise passwords only. You may use your Michigan Medicine LastPass enterprise account only to manage enterprise passwords—those related to your Michigan Medicine work.
  • Do not store anything other than enterprise passwords. LastPass is approved only for passwords.
    • You may not store other types of IT Security Information.
    • You may not use LastPass to keep any other type of sensitive data, such as PHI, CUI, HIPAA, PII, FISMA, and so on.
  • Do not use a personal LastPass account for Michigan Medicine passwords. You should not store any enterprise account information, including passwords, in your personal LastPass account.

Additional Resources