How do I set up all account recovery options for LastPass?
Once you have created your LastPass account, it is strongly recommended that you set up and configure all account recovery options so that you can regain access to your LastPass Vault if your Master Password is ever forgotten. These recovery options can be configured at any time during the life of your LastPass account.
If recovery options are not set up and you are unable to recover your Master Password, you will need to create a brand new LastPass account and re-enter all of your Vault data.
Before you begin setting up recovery options
There are a few things you need to do first so that you can utilize certain account recovery in case your Master Password is ever forgotten.
Install the LastPass web browser extension and log in to the extension often (from multiple trusted devices)
- Download and install the LastPass web browser extension.
- Log in to the LastPass web browser extension as often as you can and, if possible, from multiple devices that you trust.
You will gain the following benefits:
- Creates a Recovery One Time Password, which can be used to reset your Master Password during account recovery if it is ever forgotten. Additionally, logging in from multiple trusted devices ensures that you have multiple Recovery One Time Passwords.
- Creates an encrypted cache of your Vault data, which continues to be updated as you store more data (site passwords, secure notes, form fill items).
- Automatically generates a Sharing Key so that you can create and use shared folders (if applicable).
Recovery Option #1: Log in to the LastPass web browser extension on multiple devices
When you log in to the LastPass web browser extension on multiple browsers and devices that you trust, you create a Recovery One Time Password on each browser and device. This means that if you ever make a change to your LastPass account that causes your Vault to be re-encrypted, the Recovery One Time Password will become invalidated on that device, but you could still reset your Master Password from another device where you had logged in to the LastPass web browser extension. Here are some actions that would cause your Recovery One Time Password to be lost or invalidated:
- Changing your Master Password on a mobile device (invalidates ALL Recovery One Time Passwords stored in your web browsers)
- Uninstall/reinstall of the LastPass web browser extension
- Disabling the LastPass web browser extension
- Clearing your LastPass cache
- Reformatting your computer
- Unintentional corruption of your encrypted Vault cache (this is rare, but can be caused by other programs on your machine)
For more information, see What is the difference between a One Time Password and a Recovery One Time Password?.
Recovery Option #2: Set up mobile account recovery on iOS or Android
- Download the LastPass Password Manager app (download for iOS | download for Android)
- Log in to the app and set up mobile account recovery (see instructions for iOS | see instructions for Android)
Recovery Option #3: Manage your Master Password Reminder
Recovery Option #4: Set up SMS account recovery
For more information, see Set Up SMS Account Recovery for LastPass.
You can also set up additional security options to further protect your account
Security Option #1: Add a security email address for alerts
- Add a secondary security email address
Security Option #2: Generate One Time Passwords
- Generate One Time Passwords
To use the One Time Passwords, you generate a list of temporary passwords ahead of time, and cross them off as they are used each time you log in to your account. You can also invalidate OTPs if you are concerned that they have become compromised.
Please note that One Time Passwords do not replace your Master Password. Additionally, if you log in with a One Time Password, you will not be able to export your LastPass Vault data.
For more information, see What is the difference between a One Time Password and a Recovery One Time Password?