How do I set up and configure YubiKey?

You can set up and configure your LastPass account to use YubiKey for authentication.

  1. Plug your YubiKey device into the USB port of your computer.
  2. Log in to LastPass and access your Vault by doing either of the following:
    • In your web browser toolbar, click the LastPass icon active LastPass icon, then select Open My Vault.
    • Go to and log in with your email address and Master Password.
  3. Select Account Settings in the left navigation.
  4. Select the Multifactor Options tab.
  5. Click the Edit icon Edit option for Yubico.
  6. Click within the YubiKey #1 field.
  7. Lightly press your YubiKey device button (that has the Wi-Fi icon or "Y" in the center) to automatically fill in the YubiKey #1 field.
  8. Once filled, you can specify your YubiKey preferences as follows:

    • For the "Enabled" option, use the drop-down menu to select Yes. Once enabled, you will be prompted to enter the YubiKey data the next time you log in to LastPass from your iOS or Android device, or from your desktop.
    • For the "Permit access from incompatible mobile devices" option, this controls whether mobile devices that are not equipped with an NFC reader will be allowed to bypass YubiKey Multifactor Authentication when enabled. The following settings only apply to LastPass accounts who utilize iPhone 6S or older running iOS 10 or earlier, and select Android devices, which lack an NFC reader. Use the drop-down menu to select from the following options:
      • Select Allow if you want to use older mobile devices to access the LastPass mobile app.
        Note:  When selecting this option, you are required to set up and enable at least 1 additional Multifactor Authentication option so that when you access LastPass from a mobile device lacking an NFC reader, you can still authenticate by using your other enabled Multifactor Authentication option when prompted.
      • Select Disallow if you want to prohibit access from older mobile devices to the LastPass mobile app (due to being unable to authenticate with YubiKey).
    • For the "Permit Offline Access" option, use the drop-down menu to choose from the following:
      • Select Allow if you wish to allow access to Google Authenticator even when you are offline. This will store an encrypted Vault locally so you can log in without using Multifactor Authentication in case of a connectivity issue.
      • Select Disallow to prevent offline access, which requires the use of Multifactor Authentication and to be connected to the internet when using Google Authenticator.
      Note: If this option is selected and you are not connected to the internet and/or is not available, you will be unable to access your Vault. Learn more about offline access.

  9. Click Update when finished.

    Tip: To disassociate a YubiKey device with your LastPass account, clear the entire YubiKey input field of all characters and click Update.

You have enabled YubiKey for your LastPass account.