HELP FILE

Federated Login Experience for LastPass Enterprise Users

Once a LastPass Enterprise admin has set up Federation Services for an organization, new users are provisioned with a LastPass account that allows them to log in to LastPass with their existing Active Directory credentials – no separate Master Password required!

The steps below outline the full user experience from the newly provisioned user's point of view.

Step #1: You receive a Welcome email

Once your new LastPass account has been created, you will receive a Welcome email that includes your LastPass username (email address) and activation instructions on how to log in to LastPass with your existing Active Directory credentials (detailed steps per platform below).

Step #2: Download and install LastPass

Next, you will need to download and install LastPass. If you are in a locked-down environment with limited privileges for downloading and installing applications, contact your admin to install LastPass for you.

Step #3:  Log in to LastPass

Once installed, you will need to log in to LastPass using your Active Directory credentials. After you have authenticated, you will have continuous access to your LastPass Vault.

Note: The duration of an authenticated logon session will vary depending on your organization's policies.

Login instructions may vary depending on the platform you are using to log in to LastPass, as follows:

Using the web browser extension:

  1. In your web browser toolbar, click the inactive LastPass icon .
  2. Fill in your Active Directory email address.
  3. Once your email address has been filled in, navigate to the password field and a new web browser window or tab will open and redirect to your organization's Identity Provider URL.
  4. Fill in your DOMAIN\username (e.g., LASTPASS\testuser) and password, then click Sign in.
  5. An active LastPass icon is displayed, and you can click on it to begin using LastPass.

Using the LastPass Mac app

  1. Open the LastPass Mac app on your desktop.
  2. Fill in your Active Directory email address.
  3. Navigate to the password field, and a new authentication window will open displaying your organization's Identity Provider's login fields.
  4. Fill in your DOMAIN\username (e.g., LASTPASS\testuser) and password, then click Sign in.
  5. Return to the desktop app, where you will be automatically logged in to your LastPass Vault. Learn more about using the LastPass Mac app.

Using the iOS app

  1. Tap to open the LastPass app for iOS.
  2. Fill in your Active Directory email address but do not enter your password.
  3. Tap Log In to continue the login process.
  4. Navigate to the password field, and a new authentication screen will open displaying your organization's Identity Provider's login fields.
  5. Fill in your DOMAIN\username (e.g., LASTPASS\testuser) and password, then tap Sign in.
  6. Return to the mobile app, where you will be automatically logged in to your LastPass Vault. Learn more about using LastPass for iOS.

Using the Android app

  1. Tap to open the LastPass app for Android.
  2. Fill in your Active Directory email address but do not enter your password.
  3. Tap Log In to continue the login process.
  4. Navigate to the password field, and a new authentication window will open displaying your organization's Identity Provider's login fields.
  5. Fill in your DOMAIN\username (e.g., LASTPASS\testuser) and password, then tap Sign in.
  6. Return to the mobile app, where you will be automatically logged in to your LastPass Vault. Learn more about using LastPass for Android.

Step #4: Start using LastPass!

Once you log in, you can begin saving new Sites, Secure Notes, and Form Fills to your LastPass Vault.

Note: As a federated user, you are unable to reset your Master Password within LastPass Account Settings – this must be done by your LastPass admin or within your Active Directory environment. If your Master Password is ever reset by an admin, your account will be converted to a non-federated user account. To become a federated user again, your account must be deleted and recreated. To ensure that your LastPass account data can be fully restored without data loss, you must log in and export your Vault before becoming a federated user again. For more information, please see Reset a User's Master Password (Super Admin).