HELP FILE
Enable Multifactor Authentication (Users)
Multifactor Authentication is an added layer of security that you can enable within LastPass, and requires a second step before you can gain access to your account. Enabling this security feature helps protect your account from keyloggers and other threats – even if your Master Password was compromised, your account could not be accessed without this second form of authentication.
Alternatively, you can disable multifactor authentication in your Account Settings.
Are you a LastPass Teams, Enterprise, or Identity admin? It is recommended that you complete the steps for enabling Multifactor Authentication in the Admin Console.
Enabling a multifactor authentication option to access LastPass
- Log in to LastPass and access your Vault by doing either of the following:
- In your web browser toolbar, click the LastPass icon
then click Open My Vault. - Go to https://lastpass.com/?ac=1 and log in with your username and Master Password.
- In your web browser toolbar, click the LastPass icon
- Select Account Settings in the left navigation.
- Select the Multifactor Options tab.
- Click the Edit icon
to the right of your desired multifactor option. 
- For the "Enabled" option, select Yes.
- For the "Permit Offline Access" option, use the drop-down menu to choose from the following:
- Select Allow if you wish to allow access to Google Authenticator even when you are offline. This will store an encrypted Vault locally so you can log in without using Multifactor Authentication in case of a connectivity issue.
- Select Disallow to prevent offline access, which requires the use of Multifactor Authentication and to be connected to the internet when using Google Authenticator.
Note:
If this option is selected and you are not connected to the internet and/or https://lastpass.com is not available, you will be unable to access your Vault. Learn more about offline access.
- Depending on the authenticator you have selected, the next steps will vary – for next steps, see our supported multifactor authentication options (below).
Enabling more than one multifactor authentication option
You can enable more than one multifactor authentication option to be used when accessing your LastPass Vault. It is recommended whenever possible to enable multiple authentication options (even on multiple devices) in case you ever lose access to one device, you will have a backup.
Once you have enabled your first multifactor authentication option, you can repeat the same steps in the section above to enable as many alternative multifactor options as needed.
Supported multifactor authentication options
LastPass offers a variety of vendors that you can choose from to set up Multifactor Authentication.
Feature availability may vary depending on your account type.
Please choose from the following options to view detailed instructions for each:
- LastPass MFA Authenticator (For business accounts only. Learn more about our LastPass business solutions.)
- Use the LastPass Authenticator
- Use the Google Authenticator
- Use Microsoft Authenticator
- Use Toopher Authentication (no longer available for new users)
- Use Duo Security Authentication
- Use Transakt Authentication
- Use Grid Multifactor Authentication
- Use YubiKey Multifactor Authentication
- Use Windows Fingerprint Authentication
- Use Smart Card Authentication
- Use RSA SecurID Multifactor Authentication
- Use Symantec VIP
- Use SecureAuth Authentication