HELP FILE

Use Temporary (One Time) Passwords

When accessing LastPass from a public computer, you may not want to use your Master Password, because someone else may be able to access it (using a keylogger to capture your typed keys or other malware). Additionally, you may not know what kind of security is implemented on that computer. To solve this problem, LastPass provides you with One Time Passwords (OTPs) that only work for one logon session – so even if someone else gets access to a previously used OTP, they will not be able to use it to log on to your account. To use the OTPs, you generate a list of temporary passwords ahead of time, and cross them off as they are used each time you log in to your account. You can also invalidate OTPs if you are concerned that they have become compromised.

Note: If you are concerned that your LastPass account has been compromised, follow these steps.

Topics in this article:

Generate One Time Passwords

Log in Using a One-Time Password

Invalidate One Time Passwords

Generate One Time Passwords

To generate a list of One Time Passwords, do the following:

  1. Log in to LastPass and access your Vault.
  2. Click More Options in the left menu, then click Advanced.
  3. Click One Time Passwords.
  4. Enter your Master Password, and click OK.
  5. Click Add a new One Time Password. Repeat this step as many times as you wish to generate a list of one-time passwords.

  1. Click Print, and keep the passwords in a safe place, crossing them off as you use them. (If you find it more convenient, using your web browser, you can print the passwords to a PDF file so that you can copy and paste them later).

Log in Using a One-Time Password

To log on to LastPass using a one-time password, do the following:

  1. Log in to LastPass from your desktop web browser.
  2. Click Log in using a One Time Password.
  3. Enter your email address and a one-time password.

  1. Complete steps for Multifactor Authentication, if it is enabled on your account.

Multifactor Authentication window

Invalidate One Time Passwords

If you are concerned that someone may have gotten access to your One Time Passwords, you can invalidate them by doing the following:

  1. Log in to LastPass and access your Vault.
  2. Click More Options in the left menu, then click Advanced.
  3. Click One Time Passwords.
  4. Enter your Master Password, and click OK.
  5. Click Clear all OTPs.

  1. The system indicates that you no longer have any One Time Passwords. You can now either close the browser window or create new One Time Passwords using the Add a new One Time Password link.

Related

Recover Your Lost Master Password

How do I set up and use mobile account recovery on Android?

How do I set up and use account recovery in the LastPass app for iOS?