How do I allow offline mode for the LastPass MFA app using policies?
In order for LastPass MFA users to authenticate using time-based One-time Passcodes (TOTP) while their device is offline or in Airplane mode, you must enable an authentication policy in the LastPass (MFA or SSO & MFA) Admin Console to allow offline mode for the app.
Considerations for LastPass Identity admins
In addition to enabling the offline mode policy, admins for LastPass Identity accounts (using a Password Manager Vault, SSO, and MFA) must also ensure that there are not any policies enabled within the Password Manager Admin Console that prohibit offline access to these users. Learn how to manage policies in the Password Manager Admin Console.
Enable the "Allow Offline Mode" policy
- Log in and access the LastPass Admin Console by doing either of the following:
- While logged in to LastPass, click the active LastPass icon in your web browser toolbar, then select Admin Console in the menu.
- Log in at https://lastpass.com/?ac=1 with your username and Master Password, then select Admin Console in the left navigation.
- In the left navigation of the Admin Console, select MFA or SSO & MFA.
- In the left navigation, go to Policy < Authentication.
- Scroll to the bottom of the page and locate "Allow Offline Mode for LastPass MFA" for both iOS and Android.
- Click the radio button for Enable Offline Mode for iOS and/or Android.
Your LastPass MFA app users are now able to use time-based One-Time Passcodes to authenticate if their device is offline.