HELP FILE
Add and Manage LastPass Admin Policies
LastPass Enterprise accounts offer a number of configurable and recommended policies around security levels and password strength that you can add, edit, or delete as an admin. Each policy can be applied to all users, or to an inclusive or exclusive list of users. With over 100 policies available for you to add and configure, you can achieve optimal security performance with LastPass.
All policies for LastPass Enterprise accounts have been categorized and displayed on separate tabs, and are also searchable in the Admin Console under .
Policy categories
These policy categories include:
- Overview – These policies are currently configured and enforced for your account by a company administrator, and include both enabled and default policies
- Default – These policies are enabled by default for all users (but can be disabled or configured otherwise)
- Recommended – These policies are disabled by default but are recommended by LastPass to enable and configure to best suit the business needs of your organization
- Access Controls – These policies manage users' access to LastPass
- Password Rules – These policies manage requirements for site passwords and when users create or use their Master Password
- Account Restrictions – These policies enforce account restrictions for users
- Administration – These policies manage general administration, including notifications and reporting for admins, limitations on user access for the Admin Console, and restrictions on upgrade prompts & PasswordPing checks
- Multifactor – These policies manage all settings, restrictions, and requirements for Multifactor Authentication for users
- Other – These are all other policies that do not fall under the previous categories
You can view our complete list of LastPass Enterprise policies that you can add and manage.
Please note that you must be actively logged in with a LastPass Enterprise or Identity account in order to view the full list of policies available.

Configure and enable a new policy
Edit an existing policy
- From within the Admin Console, go to in the left navigation.
- Click the Overview tab and locate your desired policy.
- Click Edit details and make your desired changes to the policy configuration.
- Click Save Changes.
Delete a policy
- From within the Admin Console, go to in the left navigation.
- Locate your desired policy by using the Search field.
- Toggle off the switch for your policy.
- When prompted to delete, click OK to confirm removal.
About policies for federated users
About policies for LastPass Identity accounts
- The Require use of LastPass MFA policy can be enabled to require users to set up and use the LastPass MFA authenticator when accessing their LastPass Vault.
- The Hide Cloud Apps from end users policy can be enabled to hide the Cloud Apps Vault menu item (used for integrated SSO) from appearing in the left navigation of users' LastPass Vaults (if the admin has already implemented their own single sign-on solution or does not need to use LastPass integrated SSO).
Not sure what type of LastPass account you have? Learn more about LastPass business accounts.