HELP FILE

How do I set up all account recovery options for LastPass?

Once you have created your LastPass account, it is strongly recommended that you set up and configure all account recovery options so that you can regain access to your LastPass Vault if your Master Password is ever forgotten. These recovery options can be configured at any time during the life of your LastPass account.

Warning: If recovery options are not set up and you are unable to recover your Master Password, you will need to create a brand new LastPass account and re-enter all of your Vault data.
CAUTION: Please be aware that LastPass Support has no knowledge of a user's Master Password. It is not possible for LastPass Support to reset or change a user's Master Password if it is forgotten. Learn more at Why can't LastPass Support reset the Master Password for my account?.

The following recovery options are available:

Recovery Option #1: Log in to LastPass from your desktop

When you log in to LastPass from your desktop, you create a locally-stored Recovery One Time Password on each web browser where you log in, which can be used in the account recovery process if you ever forget your Master Password.

A Recovery One Time Password is something that is created for you automatically when you log in to LastPass via the web browser extension and/or online web Vault (i.e., the LastPass website), and is not something you can write down.

Note: For more information about the Recovery One Time Password, see What is a Recovery One Time Password in LastPass?
  • Log in to your online web Vault (via the LastPass website) – This login method can be used if you cannot install the LastPass web browser extension locally. Logging in by accessing your online web Vault (via the LastPass login page) from multiple browsers will store the Recovery One Time Password locally in each browser's local storage so that it can be used for account recovery (as long as you have not cleared your browser's local storage since the last time you logged in to LastPass).
    Warning: If you are using a public or untrusted computer, we recommend that you Use Temporary (One-Time) Passwords to log in to LastPass instead of the LastPass website. If you do log in to the LastPass website on a public or untrusted computer, be sure to clear the cache of the web browser on which you accessed LastPass before you leave the computer (in order to clear the Recovery One Time Password that was captured from your login session).
  • Log in via the LastPass web browser extension (recommended) – This login method is recommended so that you can manage extension settings and preferences to customize the way you want to use LastPass only on devices that you trust. Additionally, logging in using the extension creates an encrypted cache of your Vault data locally, and generates a Sharing Key for creating and using shared folders (if applicable).

    It is encouraged that you log in via the extension on multiple web browsers (as often as you can), and, if possible, from multiple devices that you trust, which will store the Recovery One Time Password locally in the LastPass extension's repository for each browser. Additionally, logging in from multiple trusted devices ensures that you have multiple Recovery One Time Passwords.

Recovery Option #2: Set up mobile account recovery on iOS or Android

Important: Regardless of how you use LastPass (desktop app, web browser extension, mobile app), you are strongly encouraged to set up Touch ID/Fingerprint or Face ID/Face Unlock so that you can use mobile account recovery for iOS or Android, allowing you to reset your Master Password using biometrics from that device. Even if you decide that you will never use the LastPass Password Manager mobile app, setting up mobile account recovery on your current mobile device acts as a safety net in which you can reset your Master Password using biometrics.

Recovery Option #3: Manage your Master Password Reminder

Recovery Option #4: Set up SMS account recovery

You can set up SMS account recovery by adding a mobile number to your account to receive a verification text message that is used in the account recovery process in case you ever forget your Master Password.
Important: To complete the steps for account recovery, a valid Recovery One Time Password is required, which is created when you log in to the LastPass web browser extension and/or online web Vault on your desktop and have not cleared your cache.

Follow the steps to Set Up SMS Account Recovery for LastPass.