HELP FILE

How do I use Face ID for account recovery in the LastPass app for iOS?

When using the LastPass app for iOS, you can set up Face ID (or Touch ID) as a means of account recovery in case your Master Password is ever forgotten.

Regardless of how you use LastPass (desktop app, web browser extension, mobile app), it is strongly recommended that you set up mobile account recovery in case other recovery options cannot be used.

Once set up and enabled, you can reset your Master Password using Face ID (on this mobile device only) to restore access to your Vault. If you skipped this step when you were initially prompted, you can always enable it later in the Security settings of the LastPass app. Alternatively, you can recover your account by using a password hint that you set up when you created or last reset your Master Password. For information about mobile account recovery security, please see below.

Please be aware that LastPass Customer Care has no knowledge of a user's Master Password. It is not possible for LastPass Customer Care to reset or change a user's Master Password if it is forgotten.

Note: If you are concerned that your LastPass account has been compromised, follow these steps.

Set up Face ID

You must log in to the LastPass app for iOS with your username and Master Password before you can set up account recovery using Face ID.

  1. Set up Face ID on your iOS device using Apple's initial setup instructions.
  2. Log in to the LastPass app for iOS with your username and Master Password.
  3. If you are logging in for the first time, you are prompted upon login to turn on Face ID. Toggle on the switch for Use Face ID. Otherwise, see below for enabling Face ID in the app's Security settings.
  4. Tap OK to allow LastPass to use Face ID.
  5. Glance at your device while holding it in portrait orientation.
  6. Tap Save when finished. You're all set!

Reset your Master Password using Face ID

  1. Open the LastPass app for iOS, then tap Forgot Password? on the login screen.
  2. Tap Recover Account, then tap Recover with Face ID.
  3. Glance at your device while holding it in portrait orientation.
  4. When prompted, enter a new Master Password, then confirm it. If desired, set a password hint (recommended).
  5. Tap Set Master Password, then tap Log In.
  6. Enter your username and newly created Master Password, then tap Log In to access your Vault.

Enable Face ID and Account Recovery in Security Settings

You must log in to the LastPass app for iOS with your username and Master Password before you can set up account recovery using Face ID.

  1. Set up Face ID for your iOS device using Apple's initial setup instructions.
  2. Log in to the LastPass app for iOS with your username and Master Password.
  3. Tap Settings in the bottom toolbar.
  4. Tap Security and toggle on the switch for Use Face ID.
  5. Glance at your device while holding it in portrait orientation.
  6. Toggle on the switch for Account Recovery.
  7. Glance at your device while holding it in portrait orientation.
  8. You're all set!

Use a password hint (optional)

In addition to setting up Touch ID or Face ID, it is also strongly recommended that you set a password hint when creating or resetting your Master Password via the LastPass app for iOS. This should be a keyword or phrase that acts as a clue or subtle reminder that can be sent via email to help you remember your Master Password in case it is ever forgotten. If the password hint helps you remember your Master Password, try logging in to the app again.

About mobile account recovery security

The account recovery process uses recovery One Time Passwords (OTPs), which are stored locally on the user’s mobile device behind biometrics. Users do not have direct access to recovery OTPs; they are bits of data that the mobile app stores automatically. When you use the LastPass mobile app, it generates an OTP that is derived from the Master Password and stores it on the device itself. The OTP stays there until you go through account recovery on the specific device where it was generated and stored. If you start the recovery process (by tapping Forgot Password? on the login screen), the app retrieves that OTP and, if it detects that the OTP was stored in the app, allows you to immediately reset your Master Password.

OTPs are local to specific app instances, meaning one OTP should be generated for each app instance, on each mobile device, where you use LastPass. Recovery OTPs are not portable: they are stored in the specific mobile device’s secure storage, so recovery can only be done in the LastPass mobile app where you have used your LastPass account before. When you next log in to your account after you’ve reset your Master Password, new OTPs are generated for the app upon login.

Note: All OTPs are derived from the Master Password that is current to the account when they are created. Changing the Master Password in any way (even by reverting to a previous Master Password) will invalidate the OTPs so they cannot be used.
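The lifecycle described in this section can be modeled in a few lines. This is an added example, not LastPass code: the `Server` registry, the PBKDF2 derivation with a fresh per-login salt, and all names are assumptions chosen so that the stated properties hold (device-bound, gated by biometrics, invalidated by any Master Password change including a revert).

```python
import hashlib, hmac, secrets

class Server:
    """Assumed model: the service keeps only a hash of each device's recovery OTP."""
    def __init__(self):
        self.registered = {}                      # device_id -> sha256(otp)
    def register(self, device_id, otp):
        self.registered[device_id] = hashlib.sha256(otp).digest()
    def master_password_changed(self):
        self.registered.clear()                   # any change invalidates every OTP
    def accepts(self, device_id, otp):
        want = self.registered.get(device_id)
        return want is not None and hmac.compare_digest(want, hashlib.sha256(otp).digest())

class Device:
    """One app instance; secure_storage stands in for biometric-gated device storage."""
    def __init__(self, device_id, recovery_enabled=True):
        self.device_id, self.recovery_enabled = device_id, recovery_enabled
        self.secure_storage = None
    def login(self, server, master_password):
        if not self.recovery_enabled:
            return
        salt = secrets.token_bytes(16) + self.device_id.encode()   # fresh per login
        otp = hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, 100_000)
        self.secure_storage = otp
        server.register(self.device_id, otp)
    def recover(self, server, biometric_ok):
        otp = self.secure_storage if biometric_ok else None        # biometrics gate the read
        if otp is None or not server.accepts(self.device_id, otp):
            return False
        server.master_password_changed()          # the reset itself is a password change
        self.secure_storage = None
        return True

def demo():
    server, phone, tablet = Server(), Device("phone"), Device("tablet")
    phone.login(server, "constructed old password")
    results = {"other_device": tablet.recover(server, True),
               "no_biometric": phone.recover(server, False)}
    server.master_password_changed()              # changed elsewhere...
    server.master_password_changed()              # ...then reverted to the old one
    results["after_revert"] = phone.recover(server, True)
    phone.login(server, "constructed old password")   # next login stores a new OTP
    results["after_relogin"] = phone.recover(server, True)
    results["reused"] = phone.recover(server, True)
    return results

if __name__ == "__main__":
    print(demo())
```

In this model the revert case fails because the OTP is salted per login and the registry is cleared on every change, so knowing the old Master Password alone does not reproduce a valid OTP.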
