HELP FILE

Fingerprint Authentication

LastPass has support for various fingerprint readers, including Windows Biometric Framework. Once enabled, you can use the Fingerprint reader to log in to the LastPass browser extension rather than having to enter your Master Password (including Master Password re-prompts as well).

Note: This feature is not available to LastPass Free account users.

It is required that you follow all steps in Enable Multifactor Authentication before proceeding.

Please note that if you have more than 1 Multifactor Authentication option enabled for your account, you must select your desired default authentication option from the drop-down menu at the bottom of your Multifactor Options window in order to be prompted to authenticate with your preferred option when logging in to LastPass.

Topics in this article:

System requirements

Set up and configure

Use Fingerprint Authentication

Troubleshoot Fingerprint Reader

Admin Console administration

System requirements

  • Windows 7 or later
  • Windows Biometric Framework drivers installed
  • Safari, Opera, and Chrome can be supported by installing an additional Binary Component using the LastPass Universal Installer at https://lastpass.com/installer
  • Windows 8 may require an additional Binary Component to be installed. If you encounter an issue with fingerprint swiping, please try running the LastPass Universal Installer at https://lastpass.com/installer

Set up and configure

Note: Please follow all steps in Enable Multifactor Authentication before proceeding.

Once you have clicked the Edit icon for Fingerprint Authentication, you can then finish the set up process as follows:

  1. For the "Type" section, one of the following will be displayed:
    • If you have not installed the binary component – Browser extension is missing binary component, click here to install.
    • If you have installed the binary component but are on a device that does not have a fingerprint sensor – No supported devices were found.
    • If you have installed the binary component and are using a supported device – proceed with the next steps.
  2. For the "Enabled" option use the drop-down menu to select Yes.
  3. Click Update.
  4. When prompted, enter your Master Password, then click OK.
  5. Follow the prompts to finish setting up Fingerprint Authentication.
  6. Click Update when finished.

Use Fingerprint Authentication

  1. On your desktop web browser, log in to LastPass.
  2. When prompted by LastPass, hold your finger on the fingerprint sensor to authenticate.

Troubleshoot Fingerprint Reader

If LastPass does not detect your fingerprint reader when setting up Fingerprint Authentication in your Multifactor Options, you should go to your computer’s Control Panel > Hardware and Sound > Biometric Devices. If it doesn’t list your fingerprint reader, you should contact your laptop manufacturer or look on their support website for Windows Biometric Framework compatible drivers.

UPEK Fingerprint Readers

For UPEK Fingerprint Readers, you must have the latest drivers installed and support for Windows Biometric Framework. For PC-based UPEK readers, please ensure you have Windows Biometric Framework for UPEK installed.

Please note there currently is no direct download site for drivers and software for these readers; please check your computer manufacturer’s website for driver downloads.

For Mac-based UPEK readers you will need the latest version of TrueSuite for Mac, and the TrueSuite extensions for the Safari, Firefox, or Chrome web browsers. Please ensure VtApi.framework is present on your system (go to /Library/Frameworks). For Validity Fingerprint readers, download WBF support.

Validity WBF Drivers

Unfortunately, the driver used for HP ProtectTools can not be combined with the WBF driver for LastPass integration. This is by design, as the native drivers are secure drivers and “take ownership” of the sensor, meaning no other application can use it. To keep HP ProtectTools and use the fingerprint features for Preboot Authentication, Full Volume Encryption, Windows logins and website logins, then they must use the native Validity drivers ONLY.

If you install the WBF drivers, it will interfere with the operation of the fingerprint feature in HP ProtectTools. If that happens, you will need to uninstall the WBF package, and then repair or uninstall and re-install the Validity native drivers called “Validity Fingerprint Sensor Drivers” in Programs and Features. Validity suggests that if you want both HP ProtectTools and LastPass, you must install the WBF drivers and FMA then install LastPass on a Virtual Machine.

It can be done the other way around, however, some of the high-security features HP ProtectTools has will not work 100% from a Virtual Machine, such as Device Access Manager, Full Volume Encryption, and Preboot Authentication. Validity hasn’t verified operation of HP ProtectTools and the native Validity drivers on a Virtual Machine.

Admin Console administration

You can configure various policies that involve this authenticator within the Admin Console, including the requirement of its use and/or additional customization settings. For more information about configuring and enforcing policies, please see detailed instructions for LastPass Teams and Enterprise.