HELP FILE

How do I create a time-based one-time passcode (TOTP) for site entries as a LastPass business account user?

If you have a LastPass business account, you can create a time-based one-time passcode so that it can be shared with others who also access the same site (using the same site credentials) where Two-Factor Authentication is required.

About TOTP codes for LastPass

  • LastPass generates 6-digit one-time passcodes using SHA-1 algorithm, and these codes are regenerated every 30 seconds
  • TOTP codes are only supported for site entries in your Vault (i.e., not support for secure notes or items)
  • If your computer's clock is not synced with universal Internet time, it could cause the TOTP code to be invalid and you may encounter an error when entering it

About policy restrictions

The ability to perform these actions may be prohibited if the "Don't show TOTP in Vault" policy is enabled by your LastPass admin for your LastPass business account.

Before you begin: You must do the following before proceeding:
  • Set up Two-Factor Authentication within the site's security settings (outside of LastPass)
  • Enable the site to use an authentication app, then copy the secret key provided by the site in the Two-Factor Authentication settings

How to create a TOTP code

To enter the secret key into your LastPass site entry and generate a TOTP code that can be shared, do the following:
  1. Log in to LastPass and access your Vault by doing either of the following:
    • In your web browser toolbar, click the LastPass icon active LastPass icon and select Open My Vault.
    • Go to https://lastpass.com/?ac=1 and log in with your email address and Master Password.
  2. In your Vault, you can create a time-based one-time passcode while you add a new site entry or edit an existing:
    To do this Do this
    Add a new site password
    1. Click the Add icon .
    2. Select Password.
    3. Enter all of the information you want to store.
    Edit an existing site password
    1. Locate your desired site password entry.
    2. Click the Edit icon .
  3. Click Enter your secret key.

  4. Enter the secret key (which is obtained within the Two-Factor Authentication settings for the site in which you are enabling this feature) then click Activate.

    Attention: Do not include any spaces when entering the secret key.

    Result: A one-time passcode (6-digits long) is automatically generated in LastPass.

    Note: LastPass generates 6-digit one-time passcodes using SHA-1 algorithm, and they are regenerated every 30 seconds.

  5. In the "Two-Factor Code" field, click the Show Text icon to view the TOTP code, then copy the code.

  6. Optional: If you need to generate a new Two-Factor Code, click the Show Text icon to hide the current code, then click the Show Text icon again to create a new one.
  7. Return to your desired site's settings and paste the code for verification, then proceed.
You have now created a Two-Factor Code (i.e., time-based, one-time passcode or TOTP) for your site and stored it within your site entry in your LastPass Vault.
What to do next: If desired, you can share this site entry with others who also need to use the same site credentials.