HELP FILE

Enterprise Admin Management of Master Passwords

As an admin, it's important for you to have access to a change log that allows you to view when your users last changed their Master Passwords, and take additional action if they need to be forced to log out and update it. You can view and manage your users' Master Passwords from the Admin Console. For additional security measures, you can also choose to enforce various policies for your users to adhere to when managing their Master Password.

If you have detected a need for a user to change their password immediately, it is recommended that you first require a password change, then destroy their active session. This will log them out of their existing session, then force them to change their password upon their next login.

Master Password Change Info

Topics in this article:

View the change log

Enterprise Admin Management of Global Equivalent Domains

Destroy all sessions

View the change log

  1. Log in and access the Admin Console at https://lastpass.com/company/#!/dashboard.
  2. Use the menu in the left navigation to go to Advanced OptionsEnterprise OptionsMaster Passwords.
  3. Here you can view the list of users that last changed their Master Password, and when the last change occurred.

Require a password change

If you need to force users to change their password upon their next login, do the following:

  1. Log in and access the Admin Console at https://lastpass.com/company/#!/dashboard.
  2. Use the menu in the left navigation to go to Advanced OptionsEnterprise OptionsMaster Passwords.
  3. Check the box in the "Action" column for a single user, or check the first "Action" box to select all users in the list.
  4. Click Require Password Change.
  5. Click OK to confirm.

Destroy all sessions

If you need to force users to log out of their existing LastPass Enterprise session immediately, do the following:

  1. Log in and access the Admin Console at https://lastpass.com/company/#!/dashboard.
  2. Use the menu in the left navigation to go to Advanced OptionsEnterprise OptionsMaster Passwords.
  3. Check the box in the "Action" column for a single user, or check the first "Action" box to select all users in the list.
  4. Click Destroy All Sessions.
  5. Click OK to confirm.