HELP FILE

How to Setup Two-Factor Authentication for Your Own Account

Two-step verification works with LogMeIn products and components that allow login via accounts.logme.in, LogMeIn's common login service. Certain legacy products and components do not meet this requirement.

Setup involves two main tasks.
  • First, set up your primary method for receiving login codes (this will be LastPass Authenticator)
  • Second, set up either text message or email as a backup method in case your primary is not available.

Let's take a closer look. This procedure describes setup using our own LastPass Authenticator. The procedure is similar for other popular authenticator apps.

  1. Log in to your account at LogMeIn.com using your LogMeIn ID (email address) and password.
  2. At the top of the page, click Settings and then Account Settings. The Account Settings page is displayed.
  3. Under Security, look for Two-step verification and click get started. Read the introductory information and click again to get started.
    The Protect your account page is displayed.
  4. On the Protect your account page, click Set up mobile app.
  5. If you already have LastPass Authenticator, simply click Next.
    Tip: You can download the app from this site: https://lastpass.com/auth/.

    The Set up mobile page is displayed. You should see a scannable QR code.

  6. Launch LastPass Authenticator on your device and scan the QR code, as follows:
    1. On the LastPass Authenticator app, tap the + (plus) sign.
    2. Physically hold your device in front of the LogMeIn website to scan the code.

    A message is displayed confirming that your device has been paired to your LogMeIn account. Tap to dismiss the message.

  7. Returning to the LogMeIn website, you must now choose the backup method to use when your primary method is unavailable. Here's how:
    1. To receive login codes via text message:
      • Click Set up text message.
      • Enter the phone number to which login codes should be sent and click Next. A code is sent.
      • Go to your phone and open the text message from LogMeIn.
      • Enter the code from the text message on the Verify phone number page.
      • Click Finish text setup.
    2. To receive login codes via email:
      • Click Set up email.
      • Enter the email address you want to use to receive codes. To use the same address you use to log in to LogMeIn, click Use your LogMeIn ID.
      • Go to your email inbox and open the message from LogMeIn.
      • Enter the code on the Set up email page in your browser.
      • Click Finish email setup.
  8. Finally, click Activate at the bottom of the page to actually turn on two-step verification.
After setup, the following is expected:
  • LastPass Authenticator: Tap the on-screen notification to confirm your identity.
  • Authenticator app other than LastPass Authenticator: Enter a one-time code that you get from the paired authenticator app.
  • Text message: Enter the one-time code sent to the number.
  • Primary method is unavailable: Request a code via your backup.

Guidance from PCI DSS v3.0

Two-step verification is a requirement in PCI DSS v3.0.