Use Duo Security Authentication
Duo Security is a secure, Multifactor Authentication application that can be used as an added layer of security in your LastPass account.
Note: Feature availability may vary depending on your account type.
To get started, LastPass admins must complete the steps for enabling Multifactor Authentication in the Admin Console.
Set up and configure
For users, in order to use Duo Security, a Duo account is required. Register for an account at https://www.duosecurity.com/lastpass.
- Install the Duo Mobile app on your iOS or Android device.
- Log in to LastPass and access your Vault by doing either of the following:
- Go to https://lastpass.com/?ac=1 and log in with your username and Master Password.
- In your web browser toolbar, click the LastPass icon then click Open My Vault.
- Select Account Settings in the left navigation.
- Click on the Multifactor Options tab.
- Click the Edit icon for Duo Security.
- Follow the steps in the "Configure Duo Security" section here to finish the setup process.
- Once configured, be sure to use the drop down menu for the "Enabled" option and select Yes, then click Update to save your changes.
Using Duo Security Authentication
Once you have enabled and set up Duo Security as your multifactor option, you can test your setup by following the instructions here.
If desired, check the box to enable the option, "Trust this computer for 30 days" and provide a computer name, then click Authenticate. Learn more about managing your trusted devices.
Using multiple Multifactor Authentication options
Please note that if you have more than one Multifactor Authentication option enabled for your account, you must select your desired default authentication option from the drop-down menu at the bottom of your Multifactor Options window in order to be prompted to authenticate with your preferred option when logging in to LastPass.
Disabling authentication for a new or lost device
If your phone number has changed or the mobile device used for authentication is lost, you can disable Multifactor Authentication via email so that you can log in to your LastPass account.
Additionally, the Duo admin for your account will need log in to Duo and to go to Duo Admin Panel > Users > [your account] > Phones and remove your phone number. Once removed, log in to your LastPass account and re-enable Duo Security as your multifactor option. You will be prompted to enroll your device again.