LastPass is not working on mobile after latest update.

  • 2
  • Problem
  • Updated 2 years ago
Long time user and we really appreciate your app.

The new update on android is preventing LastPass (password manager) from opening.
Showing "Unsupported Browser".

There needs to be a way around this.  Is there a work around? Or, is a  fix planned?

thank you
Photo of Shawn Van Vleet

Shawn Van Vleet

  • 10 Posts
  • 1 Reply Like

Posted 2 years ago

  • 2
Photo of Patrick Smith

Patrick Smith, Official Rep

  • 131 Posts
  • 18 Reply Likes
Hi, Shawn.

I'm sorry for the delay in getting back with you here. I asked the crew if I could take this one, I did some homework, and....then I forgot to post. I'm sorry!

I, too, am a Covenant Eyes, LastPass, and Android user. I, too, was frustrated by this development. I've spoken at length to the mobile development team about it, and here are the Cliff's Notes on it.

In addition to their password-keeping function, LastPass for Android has an encrypted browser as part of the application. From a programmatic standpoint, Covenant Eyes can't "see" the difference between the password-keeper and the browser. We're unable to decrypt the browsing activity. Therefore, by allowing LastPass to launch on Android, we'd be providing you with a circumvention loophole. 

Here are the options: 

You can call us here in Customer Service, and we can give you access to the old version of the app. There are two caveats associated with this, though.
1. It'll require that you turn off auto updates for Google Play to prevent CE from updating. Sadly, that setting applies to all apps. Not just Covenant Eyes.
2.  Eventually, an operating system update will cause CE version 2.9.9.86 to be outdated. Until then, though, you're welcomed to use it. 

The other option is the one I've elected. I'm logging into my LastPass account via lastpass.com on the chrome browser. This is comparatively clunky, but it's working for me. 

I'll continue to encourage the development team to search for ways to solve this. In the short-term, though. The two (not very graceful) options above are your best bet. 

I appreciate both your comment and your commitment to staying above board online. 

Thanks!

Patrick Smith
Photo of Shawn Van Vleet

Shawn Van Vleet

  • 10 Posts
  • 1 Reply Like
Hi Patrick,
Thank you for your response.
I will use the web site for lastpass until it gets resolved.

Thanks!
Shawn
Photo of John Wa

John Wa

  • 88 Posts
  • 3 Reply Likes
Thanks for the detailed analysis, Patrick. I was afraid your findings would end up being the case here, as I was unable to login to an app earlier today after updating since I couldn't get the password from LastPass. The extreme inconvenience here is that I often need to login to apps or websites when I am mobile and obviously have no access to a desktop/laptop to quickly get it. I guess you're suggesting accessing the LastPass website via the Chrome browser on my phone, but I've noticed their site is not easily navigable on a mobile device, so it took me more than twice as long to get a password as through the LastPass app. The other day, I had to quickly login to the Walmart app while standing at the register, and there's no way I could do it fast enough through the Chrome browser in a pinch like that!

If there was any way your developers could figure out a way to use the LastPass app with CE, that would be a huge help! Thanks.
Photo of Shawn Van Vleet

Shawn Van Vleet

  • 10 Posts
  • 1 Reply Like
Agree with John, using the Lastpass website is much more painful work around than I thought.
Photo of Matt Thompson

Matt Thompson

  • 30 Posts
  • 7 Reply Likes
This is the case that I have discovered as well. Using the website is not a good solution. I don't know, this latest update seems like a HUGE step backwards for what? Filtering, a service that not all users implement? I don't mean to sound overly critical but the scale of this misstep shouldn't be minimized. It has started me on a search for an accountability app that does what it should without getting in the way. It's a shame, I really liked CE for Android, but this is untenable.
Photo of Shawn Van Vleet

Shawn Van Vleet

  • 10 Posts
  • 1 Reply Like
Patrick,
Do have an update on this? Hopefully the development team is addressing this problem.
Unfortunately, I will not be staying with Covenant Eyes much longer unless this is fixed. I need lastpass on my mobile and the Lastpass website is horrendous (because they rely on people being able to use their app).

Thank you
Photo of Joshua

Joshua

  • 8 Posts
  • 3 Reply Likes
I would ask how the iOS version of Covenant Eyes is working. To my knowledge, it serves as its own browser. The lockdown feature in the iOS parental controls allows an administrator to disable apps as well as turn on/off the ability to install other applications from within the app store. That's required because of the restrictions that Apple places on app developers restricting them from running processes in the background. That being the case, the administrator could very well allow an iOS user the ability to install LastPass, and in so doing, provide the user an alternative browser to Covenant Eyes. In this case, the user and their administrator (most likely their accountability partner) have come to the conclusion that this risk is acceptable for them.

My point in bringing this up is identifying the inequality in feature sets between iOS and Android, wherein there is no ability to whitelist an application on the Android side of the house, where this feature exists on iOS. The risk to the user would be the same on both platforms, but the Android user does not have this choice.

Technical controls cannot completely prevent a user from accessing unauthorized content. Users are like water; they will find a way. My suggestion would be to include a whitelisting capability in the Android app and let that be a part of the conversation between the user and their accountability partner.
Photo of John Wa

John Wa

  • 88 Posts
  • 3 Reply Likes
@Joshua is right. There should absolutely be a way to turn off the browser lock-down, or to white-list specific browsers like LastPass. This is a breaking change.

@CE, are you all still investigating possibilities here? I have avoided removing CE from my phone until I hear back about this, but I don't see any responses from CE since 3 weeks ago. Should I go ahead and remove CE, or are there any fixes or workarounds in the works?
Photo of Rich

Rich

  • 1 Post
  • 1 Reply Like
Another option I thought of was to allow this program to open but flag it in the report.   I would communicate with my partners about this app.   Also the android CE report shows how much time is spend on specific apps.   If I am just using Lastpass as a password manager my time spend would be very brief.   If I am using Lastpass for browser purposes I would spend more time using the app and cause my partners to ask me about it.  
Photo of Joshua

Joshua

  • 8 Posts
  • 3 Reply Likes
I definitely agree with this. A direction like this is does more to foster a healthy accountability relationship -- which is more helpful than technical controls alone -- and allows users the flexibility to use apps they depend on.
Photo of Ryan Sherrett

Ryan Sherrett, Official Rep

  • 25 Posts
  • 8 Reply Likes
Hello everyone,

Yes we have been working on this and, in fact, there is a new version of the Android client in Beta that allows LastPass to be used.  As Patrick mentioned above, our ability to monitor that is hampered, but we came to the same conclusion as Rich just recently stated.  There's enough visibility to the usage of the App that it should be evident to an engaged partner if it is being used for purposes other than just a password manager.  There is already the ability to block apps on the device, so if this particular app is a problem for someone, then it should be locked down for that user.

The expectation is that this would be available in the default Play Store soon (a week or so barring any issues coming out of that testing) but if you want to get it right away, you can join the beta testing program here:

https://play.google.com/apps/testing/com.covenanteyes.androidservice

Thank you all for your feedback, your patience as we worked on this, and most of all your continued efforts toward purity online.

Thanks!

Ryan Sherrett
Photo of John Wa

John Wa

  • 88 Posts
  • 3 Reply Likes
This is excellent news, Ryan, thank you very much for the information! You guys are great, and I really appreciate the communication and fast work on this problem.
Photo of Shawn Van Vleet

Shawn Van Vleet

  • 10 Posts
  • 1 Reply Like
That is great news!  Thank you so much.  :)
Photo of Joshua

Joshua

  • 8 Posts
  • 3 Reply Likes
Ryan, would this also work with other password managers like 1Password and Dashlane? Seems this category of apps could all fit the use case of LastPass.
Photo of Ryan Sherrett

Ryan Sherrett, Official Rep

  • 25 Posts
  • 8 Reply Likes
Hi Joshua,

We are beta testing with just allowing LastPass at this point.  It is far and away the one with the most use.  So far the response has been good, so we are also adding Dashlane and a number of Anti-Virus apps that other users have reported (e.g. AVG) for the next release.  I have not heard mention of 1Password and admit that's not one I'm familiar with.  We'll certainly take a look at that too. 
Photo of chewiebacca

chewiebacca

  • 10 Posts
  • 0 Reply Likes
I seem to recall the old version of Covenant Eyes monitored LastPass fairly well. Was this not the case?
Photo of Byron

Byron

  • 20 Posts
  • 1 Reply Like
LastPass still works for me, maybe it's not Covenant Eyes and you just have accessibility disabled for LastPass (this happens without prompting or any user toggling for some reason at times for me in the past - not recently though).
Photo of Ryan Sherrett

Ryan Sherrett, Official Rep

  • 25 Posts
  • 8 Reply Likes
Hey everyone,

Just wanted to give everyone an update on this.  We did just release a new version of the CE Android app that supports LastPass, 1Password, and Dashlane, as well a bunch of different security and anti-virus apps (like AVG, Malware Bytes, and others).  This is version 3.0.3.22 and went live in the Play Store early this afternoon.

Thank you all for your feedback and, most importantly, your patience.

Ryan Sherrett
Photo of Shawn Van Vleet

Shawn Van Vleet

  • 10 Posts
  • 1 Reply Like
Thank you Ryan and CovenantEyes!  It's working again.
Photo of Scott Wright

Scott Wright

  • 1 Post
  • 0 Reply Likes
Thank you CE for fixing this, like the others, this was very important to me.