HELP FILE

Use Windows Fingerprint Authentication

LastPass has support for various fingerprint readers, including Windows Biometric Framework. Once enabled, you can use the Fingerprint reader to log in to the LastPass browser extension rather than having to enter your Master Password (including Master Password re-prompts as well).

Feature availability may vary depending on your account type.

For LastPass admins, it is recommended that you complete the steps for enabling Multifactor Authentication in the Admin Console.

System requirements

Attention: Please note that Touch ID for macOS is not supported when enabling Fingerprint as a multifactor authentication option.
  • Must be running Windows 7 or later
  • Must have Windows Biometric Framework drivers installed
  • Safari, Opera, and Chrome can be supported by installing an additional binary component using the LastPass Universal Installer at https://lastpass.com/installer
  • Windows 8 may require an additional binary component to be installed. If you encounter an issue with fingerprint swiping, please try running the LastPass Universal Installer at https://lastpass.com/installer

Set up and configure in LastPass

  1. Log in to LastPass and access your Vault by doing either of the following:
    • In your web browser toolbar, click the LastPass icon LastPass then click Open My Vault.
    • Go to https://lastpass.com/?ac=1 and log in with your username and Master Password.
  2. Select Account Settings in the left navigation.
  3. Select the Multifactor Options tab.
  4. Click the Edit icon Edit option for Fingerprint Authentication.
  5. For the "Type" section, one of the following will be displayed:
    • Browser extension is missing binary component, click here to install if you have not installed the binary component.
    • No supported devices were found if you have installed the binary component but are on a device that does not have a fingerprint sensor.
    • Proceed with the next steps if you have installed the binary component and are using a supported device.
  6. For the "Enabled" option, select Yes from the drop-down menu.
  7. When finished, click Update.
  8. When prompted, enter your Master Password, then click OK.
  9. Follow the prompts to finish setting up Fingerprint Authentication.
  10. Click Update when finished.

Use Windows Fingerprint authentication to log in to LastPass

  1. Log in to LastPass and access your Vault by doing either of the following:
    • In your web browser toolbar, click the LastPass icon LastPass then click Open My Vault.
    • Go to https://lastpass.com/?ac=1 and log in with your username and Master Password.
  2. When prompted by LastPass, place your finger on the fingerprint sensor to authenticate.

About using multiple multifactor authentication options

Troubleshoot Windows Fingerprint Reader

If LastPass does not detect your fingerprint reader when setting up Fingerprint Authentication in your Multifactor Options, you should go to your computer’s Control Panel > Hardware and Sound > Biometric Devices. If it doesn’t list your fingerprint reader, you should contact your laptop manufacturer or look on their support website for Windows Biometric Framework compatible drivers.

UPEK Fingerprint Readers

For UPEK Fingerprint Readers, you must have the latest drivers installed and support for Windows Biometric Framework. For PC-based UPEK readers, please ensure you have Windows Biometric Framework for UPEK installed.

Please note there currently is no direct download site for drivers and software for these readers; please check your computer manufacturer’s website for driver downloads.

For Mac-based UPEK readers you will need the latest version of TrueSuite for Mac, and the TrueSuite extensions for the Safari, Firefox, or Chrome web browsers. Please ensure VtApi.framework is present on your system (go to /Library/Frameworks). For Validity Fingerprint readers, download WBF support.

Validity WBF Drivers

Unfortunately, the driver used for HP ProtectTools can not be combined with the WBF driver for LastPass integration. This is by design, as the native drivers are secure drivers and “take ownership” of the sensor, meaning no other application can use it. To keep HP ProtectTools and use the fingerprint features for Preboot Authentication, Full Volume Encryption, Windows logins and website logins, then they must use the native Validity drivers ONLY.

If you install the WBF drivers, it will interfere with the operation of the fingerprint feature in HP ProtectTools. If that happens, you will need to uninstall the WBF package, and then repair or uninstall and re-install the Validity native drivers called “Validity Fingerprint Sensor Drivers” in Programs and Features. Validity suggests that if you want both HP ProtectTools and LastPass, you must install the WBF drivers and FMA then install LastPass on a Virtual Machine.

It can be done the other way around, however, some of the high-security features HP ProtectTools has will not work 100% from a Virtual Machine, such as Device Access Manager, Full Volume Encryption, and Preboot Authentication. Validity hasn’t verified operation of HP ProtectTools and the native Validity drivers on a Virtual Machine.