HELP FILE
How do I set up all account recovery options for LastPass?
Once you have created your LastPass account, it is strongly recommended that you set up and configure all account recovery options so that you can regain access to your LastPass Vault if your Master Password is ever forgotten. These recovery options can be configured at any time during the life of your LastPass account.
If recovery options are not set up and you are unable to recover your Master Password, you will need to create a brand new LastPass account and re-enter all of your Vault data.
Please be aware that LastPass Customer Care has no knowledge of a user's Master Password. It is not possible for LastPass Customer Care to reset or change a user's Master Password if it is forgotten.
Before you begin setting up recovery options
There are a few things you need to do first so that you can utilize certain account recovery in case your Master Password is ever forgotten.
Install the LastPass web browser extension and log in to the extension often (from multiple trusted devices)
- Download and install the LastPass web browser extension (see instructions)
- Log in to the LastPass web browser extension as often as you can and, if possible, from multiple devices that you trust (see instructions)
Other benefits:
- Creates a Recovery One Time Password, which can be used to reset your Master Password during account recovery if it is ever forgotten. Additionally, logging in from multiple trusted devices ensures that you have multiple Recovery One Time Passwords.
- Creates an encrypted cache of your Vault data, which continues to be updated as you store more data (site passwords, secure notes, form fill items).
- Automatically generates a Sharing Key so that you can create and use shared folders (if applicable).
Recovery Option #1: Log in to the LastPass web browser extension on multiple devices
When you log in to the LastPass web browser extension on multiple devices that you trust, you create a Recovery One Time Password on each device. This means that if you ever make a change to your LastPass account that causes your Vault to be re-encrypted, the Recovery One Time Password will become invalidated on that device, but you could still reset your Master Password from another device where you had logged in to the LastPass web browser extension.
Here are some actions that would cause your Recovery One Time Password to be lost or invalidated:
- Changing your Master Password on a mobile device (invalidates ALL Recovery One Time Passwords stored in your web browsers)
- Uninstall/reinstall of the LastPass web browser extension
- Disabling the LastPass web browser extension
- Clearing your LastPass cache
- Reformatting your computer
- Unintentional corruption of your encrypted Vault cache (this is rare, but can be caused by other programs on your machine)
For more information, please see What is the difference between a One Time Password and a Recovery One Time Password?
Recovery Option #2: Set up mobile account recovery on iOS or Android
- Download the LastPass Password Manager app (download for iOS | download for Android)
- Log in to the app and set up mobile account recovery (see instructions for iOS | see instructions for Android)
Regardless of how you use LastPass (desktop app, web browser extension, mobile app), you are strongly encouraged to set up Touch ID/Fingerprint or Face ID so that you can use mobile account recovery for iOS or Android, allowing you to reset your Master Password via biometrics from that device. Even if you decide that you will never use the LastPass Password Manager mobile app, setting up mobile account recovery on your current mobile device acts as a safety net in that you can reset your Master Password using biometrics.
Recovery Option #3: Manage your Master Password Reminder
- View your existing Master Password Reminder (see instructions)
- Change your Master Password to create a new hint (see instructions)
When you created your account and set up your Master Password, you were given the option of creating a password hint. If you want to create a new password hint/reminder, you will need to change your Master Password to set a new hint or update an existing hint.
Recovery Option #4: Set up SMS account recovery
This recovery option requires a valid recovery One Time Password, which is created when you log in to the LastPass web browser extension on your desktop and have not cleared your cache.
- Add a mobile number to your account for SMS recovery (see instructions)
As one of your Master Password recovery options, you can set up SMS account recovery by adding a mobile number to your account to receive a verification text message in case you every forget your Master Password. Using this option as a means of account recovery will trigger the Master Password recovery flow.
You can also set up additional security options to further protect your account
Security Option #1: Add a security email address for alerts
- Add a secondary security email address (see instructions)
Depending on your security settings, LastPass may occasionally email you security notifications that require your response, which are sent to your primary LastPass username (email address). However, you can further safeguard your account by adding a secondary security email address to which security notifications can be sent in case your primary account email address is ever compromised.
If you ever forget your Master Password, enabling a security email allows LastPass to send a Master Password recovery link to that email address, which will trigger the account recovery flow. To complete the steps for account recovery, a valid Recovery One Time Password is required, which is created when you log in to the LastPass web browser extension on your desktop and have not cleared your cache.
Security Option #2: Generate One Time Passwords
- Generate One Time Passwords (see instructions)
To use the One Time Passwords, you generate a list of temporary passwords ahead of time, and cross them off as they are used each time you log in to your account. You can also invalidate OTPs if you are concerned that they have become compromised.
Please note that One Time Passwords do not replace your Master Password. Additionally, if you log in with a One Time Password, you will not be able to export your LastPass Vault data.
For more information, please see What is the difference between a One Time Password and a Recovery One Time Password?
Related
Set Up and Use SMS Account Recovery
Recover Your Lost Master Password
Manage Your Master Password Reminder
How do I set up and use mobile account recovery on Android?
How do I set up and use account recovery in the LastPass app for iOS?