HELP FILE

Enable Multifactor Authentication (Admins)

Multifactor Authentication refers to a device that can be enabled for use with your LastPass account, and requires a second step before you can gain access to your account. Multifactor authentication devices help protect your account from keyloggers and other threats – even if your Master Password was compromised, someone would be unable to gain access to your account without this second form of authentication.

For LastPass Teams and Enterprise accounts, admins have the ability to select specific authenticator(s) for Multifactor Authentication, and enforce policies that require their users to authenticate before they can access their LastPass account. For some authenticators, additional integration steps must be completed during the setup process.

To get started with setting up Multifactor Authentication as an admin, log in and access the Admin Console at https://lastpass.com/company/#!/dashboard, then follow the steps below.

Note: Not a LastPass admin? See steps for enabling Multifactor Authentication as a user.

Step 1: Configure your authenticator integration (if applicable)

The following authenticators require an active account with their service in order for you set up your integration with LastPass:

  • Duo Security
  • RSA SecurID/RADIUS
  • Symantec VIP
  • SecureAuth

If you are using one of the authenticators listed above, you are required to complete the integration steps for your authenticator first. Otherwise, proceed to the next step.

Step 2: Select your Multifactor Authentication options

If desired, you can select specific authenticator(s) to be used for Multifactor Authentication for your account. Only the options you select will be available for your users to begin the setup process on their end.

Note:  All authenticators are enabled in LastPass Teams and Enterprise accounts by default.

Step 3: Add and configure policies for Multifactor Authentication

If preferred, you can add and configure various LastPass Teams or Enterprise policies for your organization that involve Multifactor Authentication, including the requirement of users to authenticate before they can access their LastPass account, enforcement of restrictions on which authenticator(s) can be used, and much more.

Note: If you require use of a specific authenticator, you must be sure it is also enabled as a multifactor option ( Step #2).

Once you have completed the steps above, your users can set up and enable Multifactor Authentication for their LastPass Teams or Enterprise account.