How do I create a Recovery One Time Password to use during LastPass account recovery?
You create Recovery One Time Passwords (ROTPs) by logging in to LastPass via the LastPass web browser extension, online web Vault (LastPass website), and/or the LastPass Password Manager mobile app.
What is a Recovery One Time Password?
The Recovery One Time Password is used as a means of recovery to allow you to change your Master Password and gain access to your LastPass Vault if your Master Password is ever forgotten. Since your Vault is encrypted, this is the key that is used to decrypt it during account recovery. Learn more about ROTPs.
Create ROTPs from your desktop using the LastPass website
Log in to your online web Vault (i.e., the LastPass website) from a device you trust to create a new ROTP.
- Go to the LastPass login page at https://lastpass.com/?ac=1.
- Enter your email address and Master Password, then click Log In.
Create ROTPs from your desktop using the web browser extension
- On as many web browsers and trusted devices available to you
- On any web browser where you have cleared your browser cache – clearing your browser cache invalidates your ROTP, but logging in to the extension and/or LastPass website recreates it
- On web browsers you don't normally use – you are less likely to clear your browser cache on a browser you don't often use
- Install the LastPass browser extension (download here).
- Click the inactive LastPass icon in your web browser toolbar.
- Enter your email address and Master Password.
- Click Log In.
Result: An active LastPass icon indicates a successful login, and you have created a Recovery One Time Password for this specific browser.
It is strongly recommended that you perform the following steps immediately after updating your Master Password in order to create new Recovery One Time Passwords:
- Log out of LastPass on every computer and/or mobile device where you have installed LastPass and accessed your LastPass Vault. You can check your active sessions for all devices.
- Log back in with your new Master Password.
If you have created a list of temporary One-Time Passwords to use on public/untrusted computers, then please be aware that changing or resetting your Master Password will invalidate all one-time passwords that you generated before the change occurred (as it requires your Vault to be re-encrypted). This means that you will need to generate new OTPs after a Master Password change, as all OTPs you generated previously will no longer be listed. Learn how to generate new one-time passwords.