HELP FILE

How do I integrate SecureAuth with my LastPass Business account?

LastPass Business supports SecureAuth authentication. In order to set up this integration, you must provide LastPass with your SecureAuth Application ID, Application Key, and Realm.

Required for setup:

  • SecureAuth account
  • LastPass Business account

Step #1: Get the SecureAuth Authentication API Application Credentials

  1. Follow the instructions under the Authentication API section.
  2. Copy the following values and save them to a text editor:
    • Application ID
    • Application Key
    • Realm

Step #2: Set up the SecureAuth integration in LastPass Business

  1. Log in and access the Admin Console at https://lastpass.com/company/#!/dashboard.
  2. Go to Advanced OptionsBusiness Options > Multifactor options > SecureAuth.
  3. Enter the Application ID, Application Key, and Realm that you copied from Step #1.
  4. Click Update when finished.

Step #3: Enable SecureAuth as a Multifactor Option

  1. From within the Admin Console, go to Advanced OptionsBusiness Options > Multifactor options.
  2. Under "Enabled Multifactor Options" toggle on the switch for the SecureAuth option.

Step #4: Add and configure a Multifactor Authentication policy

  1. From within the Admin Console, go to SettingsPolicies in the left navigation.
  2. Click Add Policy, then choose from the following policies:
  3. Under Multifactor, select Require use of any multifactor option
  4. Select your desired user list for which this policy should be applied. 
  5. Enter Notes for additional information about this policy (optional).
  6. Click Save when finished.

Step #5: Advise your users to set up Multifactor Authentication

Once you have completed the steps above, your users can set up and enable Multifactor Authentication for their LastPass Business account.

About removal of users enabled with SecureAuth

The SecureAuth integration is associated with your LastPass Business account. If you remove users from your company account without first disabling SecureAuth as their multifactor authentication option, those users may become locked out of their LastPass account (if it is converted to a LastPass Free account) once removed.

For this reason, we recommend disabling the SecureAuth for users you plan to remove, as follows:
  1. Go to https://lastpass.com/company/#!/dashboard and log in to access the Admin Console.
  2. Select Users in the left navigation.
  3. Check the boxes next to your desired users.
    Tip: To sort by users enabled with SecureAuth, click the Multifactor column header row for the users table.
  4. Select More actions > Disable multifactor for selected users.
  5. Click OK to confirm.

You have disabled SecureAuth for your selected users, and you can now safely remove those users from your company account without risk of locking them out (if their accounts convert to LastPass Free accounts).