IP Policy

LastPass admins can set up IP policies to define which IP address ranges from which users are allowed or denied access when using the LastPass MFA app for authentication.

  1. Log in and access the Admin Console at!/dashboard.
  2. Select MFA or SSO & MFA in the left navigation.
  3. To manage access policies based on IP addresses, go to Policy > IP in the left navigation.
  4. To create an Allowlisted IP Range:
    1. Click +Create Whitelisted IP Range.
    2. Enter the IP Addresses and Tag Name and click Add.

      Result: A warning window displays.

    3. To copy your IP, click the Copy icon.
    4. To activate and assign the IP Policy to users, click Setup policy.
    5. To skip setting up the policy, click Cancel.

      Note: Allowlist IP Policies will remain inactive until they are assigned to users.

    6. In the Manage Policy page, click +New Policy to continue setting up the policy.
    7. Enter the Policy Name and select the saved IP Addresses policy you created.
    8. If needed, assign Geo-fence.
    9. To limit access to a specific time range, add Policy Time Range.
    10. Select Permanent Policy or Temporary Policy.

    Note: If you choose a Temporary Policy, select a date for the policy.

  5. To create Blacklisted IP Range:
    1. Click +Create Blacklisted IP Range.
    2. Enter the blacklist IPs and tag name and click Add.

      Result: A warning window displays.

    3. To block access for all users and all applications from the blacklisted IP addresses, click Save IP. To cancel the blacklisted IP, click Cancel.
  6. Edit the IP Policies.
    1. Select a policy and edit the policy information.
    2. To delete the policy, click Delete.
    3. To activate an inactive Geofencing policy or manage access to a policy, click Access and select a policy.

      To learn more about assigning and managing access policies, see Access Policy Management.