GoTo Two-Step Verification through LastPass Authenticator

Two-step verification is an added level of security for GoTo applications. It is enforced for users by application. Two-step verification with LastPass Authenticator requires a one time code that gets generated by an authenticator app on the user’s SmartPhone, making credential attacks very difficult. (An attacker would need the user name and password and either the code or the device.)

For example, when a user without two-step authentication logs in to a Remote Desktop session from their desktop, they will enter their user name and password first. They will then see a message that initiates the two-step enrollment process if they are not already enrolled. To complete the sign-in through two-step, the user will need to have their SmartPhone to verify the access request.

Once a user has the LastPass Authenticator app set up, the added step of validating the account access request on their SmartPhone app ensures ironclad security. Users can re-enroll in two-step when a phone is lost or replaced.

Enrolling in Two-Step

The first time through two-step, you start by logging into your application in your browser. A series of dialog boxes in the browser guides you through the steps.

You will need both a desktop or laptop and a Smartphone to complete the enrollment. Start the enrollment process on your laptop or desktop if possible. (You can complete the process on your Smartphone, but it requires a manual step.)

1. Sign-in to the application with your user name and password on your laptop or desktop computer. Click Sign in.

2. The service determines if you as a user have been enrolled in two-step before allowing you to access the application resource. If you have not yet been enrolled, you automatically start the enrollment process. The enrollment message displays. Click Continue.

3. The Check your email dialog displays. An email is sent to the email address that identifies the user’s account. This verifies that the correct user is interacting with the system.

4. Go to your email, open the email, and copy the six-digit code.

5. In the Check your email dialog, enter or paste the code you copied from the email and click Continue.

6. The dialog displays instructing you to install the LastPass Authenticator app on your SmartPhone device. On your device, go to the application store and install the LastPass Authenticator. Once installation is complete click Continue. If you already have the app installed, you do not need to reinstall the app.

7. The Connect to your mobile device dialog displays. Leave it up on your browser and complete the LastPass Authenticator install on your SmartPhone and click Continue. You have the option of scanning a bar code (the QR code) or of entering the code displayed on the screen in the LastPass Authenticator app.

8. The one-time LastPass authentication code is displayed in the Smartphone app.

9. The Enter setup code dialog displays. Enter the one-time LastPass authentication code and click Continue.

10. Congratulations! Click Continue to access the application resource.

Login with Two-Step

1. Sign-in to the application with your user name and password. Click Sign in.

2. The service determines that you are enrolled in two-step authentication. You are asked to enter the two-step code from the LastPass Authenticator app.

3. Open LastPass Authenticator on your SmartPhone and enter the number displayed.

4. Back in the two-step dialog, enter the code from the LastPass Authenticator app and click Continue to access the application resource.

Reset Two-Step for a new or lost SmartPhone

The following section describes how to reset two-step verification for your GoTo app.

NOTE: If you are using LastPass, you can use LastPass Authenticator’s cloud backup to restore your multifactor tokens if you lose or upgrade your phone. You just reinstall LastPass on your device and your account credentials are available on the device, including your two-factor tokens.

1. Sign-in to the application with your user name and password. Click Sign in.

2. Choose Change Login Info under Reset two-step-verification | Set up new device. ( NOTE: The Reset two-step verification option is enabled only if the device is enrolled in two-step.)

3. Go to Enrolling for Two-Step and follow the steps to complete enrollment for a new phone.