HELP FILE

Enable Multifactor Authentication (Users)

Multifactor Authentication is an added layer of security that you can enable within LastPass, and requires a second step before you can gain access to your account. Enabling this security feature helps protect your account from keyloggers and other threats – even if your Master Password was compromised, your account could not be accessed without this second form of authentication.

Alternatively, you can disable Multifactor Authentication in your Account Settings.

Are you a LastPass Teams or Enterprise admin? It is recommended that you complete the steps for enabling Multifactor Authentication in the Admin Console.

Enable Multifactor Authentication

As a LastPass user, you can enable Multifactor Authentication for your account as follows:

1. Log in to LastPass and access your Vault:
   1. Go to https://lastpass.com/?ac=1 and log in with your username and Master Password.
   2. In your web browser toolbar, click the LastPass icon then click Open My Vault.
2. Select Account Settings in the left navigation.
3. Click on the Multifactor Options tab.
4. Click the Edit icon to the right of your desired multifactor option.

5. For the "Enabled" option, select Yes from the drop-down menu.
6. For the "Permit Offline Access" option, use the drop-down menu to choose from the following:
   • Select Allow if you wish to allow access to LastPass even when you are offline. This will store an encrypted Vault locally so you can log in without using Multifactor Authentication in case of a connectivity issue.
   • Select Disallow to prevent offline access, which requires the use of Multifactor Authentication and to be connected to the internet when using LastPass.

   Note: If this option is selected and you are not connected to the internet and/or https://lastpass.com is not available, you will be unable to access your Vault. Learn more about offline access.

7. Depending on the authenticator you have selected, the next steps will vary – for next steps, see our supported Multifactor Authentication options below.

Please note that if you have more than one Multifactor Authentication option enabled for your account, you must select your desired default authentication option from the drop-down menu at the bottom of your Multifactor Options window in order to be prompted to authenticate with your preferred option when logging in to LastPass.

Supported Multifactor Authentication options

We offer a variety of vendors that you can choose from to set up Multifactor Authentication.

Note: Feature availability may vary depending on your account type.

Please choose from the following options to view detailed instructions for each:

• LastPass Authenticator
• Google Authenticator
• Microsoft Authenticator
• Toopher Authentication (no longer available for new users)
• Duo Security Authentication
• Transakt Authentication
• Grid Multifactor Authentication
• YubiKey Multifactor Authentication
• Fingerprint Authentication
• Smart Card Authentication
• Sesame Multifactor Authentication
• RSA SecurID Multifactor Authentication
• Symantec VIP
• SecureAuth Authentication

Related

How do I disable Multifactor Authentication as a user?

How do I disable offline access for Multifactor Authentication?

Why are my credentials filled before I am prompted for Multifactor Authentication?