Application of the Week – LastPass (Part 1)

When Single Sign-On (SSO) is not an option, a password manager is what most organizations opt for when dealing securely with passwords across the organization. In this blog I will discuss a password manager for which we regularly get questions about how to use it with Liquit Workspace and Liquit Release & Patch Management: LastPass.

In this weeks blog the focus will be on a Launch package for Lastpass. Part 2 of this blog will contain a PowerShell script to create this Lastpass Launch package. And in Part 3 I will discuss the LastPass MSI setup which is available in the Liquit Setup Store and in the Lastpass Admin Console for Enterprise users only.

LastPass, from an application point of view, is all browser extension based. Supporting Windows, Mac, iOS and Android. Which means you don’t need to install an application to use LastPass. You can just use your favorite browser to login to with a super strong master password, optionally using 2FA, and you’re able to access your passwords from within the LastPass password manager vault.

LastPass has different Business plans supporting centralized IT control, which gives control over user access, authentication and password behavior with over 100 configurable policies to and improve security.

Besides browser plugins, to simply fetching and storing passwords in your vault from within your browser, Lastpass has published LastPass for Windows Desktop in the Microsoft Store:

LastPass also has LastPass for Applications which is a Windows desktop app (Win32 app) that can be used to store and access the contents of your LastPass Vault. It seems that LastPass deprecated this one after releasing version 4.36.1. It has been removed from the download page since. I presume it has been replaced by the Microsoft Store app ‘LastPass for Windows Desktop’.

A bit confusing isn’t it? 😉

Let’s look at how we can simplify this in just one ‘Smart icon’ for LastPass:

This Launch package has one action set called ‘Launch’. Its ‘Process’ setting has been set to ‘Stop at first effective action’. Which means that it will stop after one of the actions has launched successfully.

Let’s look at the first action of this action set: Start LastApp for Applications.

LastApp for applications is based an on executable lastapp.exe which is a systray application. If it’s already launched, and you launch it again, it will show this error message:

So a ‘start process’ action like this is not enough. Because starting the executable will be successful every time. But within the application the above message is shown, when it’s already running and started for a second time:

Two filters are needed here therefore. One to see whether this application has been installed and one whether it’s already running. We can use ‘Process exists’ for this:

Quick tip: if you’re not sure how about a process name, just use the PowerShell cmdlet ‘Get-Process’.

Let’s look at the second action: Start LastApp for Windows Desktop.

In some configurations LastPass Universal Windows Installer installs the LastPass Broker. Another systray application which behaves the same as the executable defined one in our first action. Therefore we use the same filters to check whether this executable exists and is running:

Let’s look at the third action: Start LastApp Microsoft Store App.

In my blogs about Netflix, Deezer and Microsoft Calculator I’ve discussed how to deal with Appx packages. Using the techniques described in these blogs, an action for the LastPass Store app is similar:

And then the fourth and last action: Open LastPass Website

What if the Windows desktop nor the Microsoft Store application is installed? Using the last action, your default browser is used to visit You can configure using the ‘Default’ browser, but using a specific one is of course configurable too:

Next week in ‘Part 2’ of this blog I will review discuss how to use PowerShell to create this ‘LastPass’ Smart Icon package using the ‘Liquit PowerShell Module‘.