How do I reset my Master Password using SMS account recovery for LastPass?

Using SMS account recovery will trigger the Master Password recovery flow as long as at least one of your browsers has captured a Recovery One Time Password (which is created by logging in to the extension at least once).

Watch Video

Before you begin: Be sure you have already set up SMS account recovery before proceeding.
  1. Navigate to
  2. Enter your username, then click Continue.
  3. The system sends an SMS message to your phone containing a numeric code. Enter this code into your web browser, and click Verify.
  4. Select Click to Recover Account.
  5. When prompted if you want to use a one-time password for account recovery, click Yes.
  6. When the next window appears advising that Account Recovery has been detected and that you must immediately change your Master Password, click OK to proceed.

    Troubleshooting: If you encounter a message that "LastPass account recovery has failed because your current browser didn't save account recovery data on this computer" or that a "Recovery One Time Password was not detected" try repeating these steps on another web browser where you have logged in to LastPass. For additional information, please see troubleshooting information here.

  7. Enter a new Master Password and confirm, then enter Master Password hint (optional but recommended).
  8. Click Confirm.

    Result: A message indicates that your password has changed.

  9. Click OK to proceed with logging out.
  10. Once you have been logged off of LastPass, log back in again using your new Master Password.

    Result: You have successfully reset your Master Password.

What to do next: (Recommended)

It is strongly recommended that you perform the following steps immediately after updating your Master Password in order to create new Recovery One Time Passwords:

  1. Log out of LastPass on every computer and/or mobile device where you have installed and accessed your LastPass Vault. You can check your active sessions for all devices.
  2. Log back in with your new Master Password.
For each computer and/or device where this is done, a new Recovery One Time Password is created, which can be used for account recovery if your Master Password is ever forgotten.

What to do next: (Optional)

Changing or resetting your Master Password will invalidate all one-time passwords that you generated before the change occurred (as it requires your Vault to be re-encrypted). This means that you will need to generate new OTPs after a Master Password change, as all OTPs you generated previously will no longer be listed. Learn how to generate new one-time passwords.