How do I permit offline access to my LastPass Vault?

When you log in to your LastPass account via desktop or mobile device while you have an Internet connection, you are creating a locally cached version of your encrypted data to the local drive. This is the data that LastPass loads when you log in to LastPass while offline. Any LastPass web browser extension, desktop app, or mobile app can be logged into without an Internet connection, and will default to offline mode when no connection is present, if allowed to do so.


If you have a LastPass Teams or LastPass Business account, the ability to perform these actions may be limited or prohibited due to policies enabled by your LastPass admin.

Attention: If you clear your LastPass Local Cache, you will have to log in while you are online once more (either via the web browser extension or mobile app) to recreate your cache before you can log in using offline access again.

About federated login users

There are feature limitations that apply to LastPass users whose accounts are configured for federated login using AD FS, Azure AD, Okta or Google Workspace.

One limitation is that offline access is not permitted, as the client side (web browser extension) must remain online in order to obtain the user's encryption key and unlock the user's LastPass Vault.

For more information, please see What are the limitations for LastPass users with federated login?

About offline access for passwordless authentication

Offline Mode for passwordless authentication enables users to authenticate with the LastPass Authenticator using a time-based One-Time Passcode to access their desired resource (i.e., LastPass vault, SSO Apps, or their workstation via Workstation Login) even when an Internet connection is not present.

To control whether Offline Mode is available for passwordless authentication via the LastPass Authenticator, LastPass admins can manage custom authentication policy settings.