Manage Account Settings
Your Account Settings section allows you to view and edit your global Settings and Preferences. Once you access your Account Settings, you can manage general login settings, advanced security settings, Multifactor Authentication options, trusted devices, and mobile devices. You can also control how LastPass interacts with websites using Never URLs, equivalent domains, and managing URL rules.
Note: If you have a LastPass Teams, Enterprise, or Identity account, the ability to perform these actions may be limited or prohibited due to policies enabled by your LastPass admin.
Access Account Settings
- Log in to LastPass and access your Vault by doing either of the following:
- Go to https://lastpass.com/?ac=1 and log in with your username and Master Password.
- In your web browser toolbar, click the LastPass icon then click Open My Vault.
- Select Account Settings in the left navigation.
- Account Email – View or change the email address used to access your LastPass account. To change the email address, replace the old email address with the new one and click Update to save the changes. Use Send Test Email to validate your email address.
- Master Password – If you would like to change your Master Password, click Change Master Password. If you would like to revert the change you made, click Revert Password Change. Why don't I see this option?
- Password Reminder – Click View to view your Master Password hint. Why don't I see this option?
- Type – Displays your account type (i.e., Free. Families, Teams, Enterprise) with the ability to upgrade when applicable.
- Links – Helpful links for your account.
- My Account allows you to access your account data, such as when your Premium subscription expires.
- Payment History allows you to view any payments you have made for LastPass.
- Email Subscriptions allows you to manage the types of email notifications you would like to receive from LastPass. Learn more.
- Language – You can change the default language in LastPass to any of our supported languages (i.e., English, French, Spanish, Italian, German, Portuguese, or Dutch). Once you have selected your desired language, click Update to save the changes. You will need to log out and log back in to your Vault to display LastPass in your newly selected language. Editing your language selection from your online Vault will only apply to viewing and using the online Vault – language settings for your web browser extensions need to be changed via the LastPass icon > Preferences > Advanced.
- Time Zone – Indicates your time zone from the drop-down menu (relative to GMT).
LastPass offers an optional account recovery feature via an SMS verification code. Learn more.
From the General Account Settings, click Show Advanced Settings, to view the following:
- Password Alerts – When enabled, LastPass will alert you when you are logging into a website where you have a weak or duplicate password. To remove these alerts, click Disable Password Alerts. Learn more.
- Re-prompt for Master Password – Choose which actions will be protected by your Master Password. Learn more.
- Security Email – As an additional layer of security, you may wish to have an email address separate from the one you use on a regular basis to receive important LastPass security emails that require actions. This email address would be used to receive your, LastPass Multifactor Authentication disable email, password hint email, account recovery email, history removal verification email, reverting Master Password change verification email, and abuse/blacklisted IP notifications (these are also sent to your primary email). Learn more.
- Country Restriction – Allows you to restrict login to IP addresses originating only from countries that you select. Learn more.
- Tor Network – Blocks any logins that originate from Tor (virtual tunnel network). Learn more.
- Master Password Reverting – This option is enabled by default, and allows you to revert Master Password changes should you forget your Master Password. Uncheck this box to disable it. Learn more.
- Disable Email Verification – Allows you to skip email verification of unknown devices and locations.
- Disable Multifactor trust expiration – Allows you to skip 30 day expiration for trusted clients.
- Auto-Logoff Other Devices – If enabled, you can only be logged into one instance of LastPass at a time. If you log in from one device, it will log you out of all others.
- Password Iterations – Controls how many times your credentials are hashed using PBKDF2 before being sent to LastPass servers. Learn more.
- Website Auto-Logoff – This controls how long your session exists on the server, allowing you to automatically log in when using the plugin. This assumes that your session does not get destroyed by methods such as explicitly logging out or closing the browser when ‘Logoff when browser is closed’ is enabled in your Extension Preferences.
- Bookmarklet Auto-Logoff – Similar to the "Website Auto-Logoff" option in that it controls how long your session exists on the server, except it only applies to the Bookmarklets feature. Learn more.
Configure your preferred Multifactor Authentication options.
When logging on to a computer for the first time using Multifactor Authentication, LastPass will provide the option of approving the computer as a trusted computer by checking the box for the "Enable" option.
Doing so adds the computer to the "Trusted Computers" list, and ensures that you will not be prompted to enter Multifactor Authentication the next time you log in. These steps must be completed on every device that you want to mark as trusted.
Note: When logging in on a trusted device, you will not be prompted to provide your Multifactor Authentication. Trusted devices automatically expire after 30 days, after which you must re-trust them.
You can disable a trusted computer at any time by unchecking the box for the "Enable" option next to the entry, or delete the entry entirely by clicking the Delete Entry icon . If you want to rename a trusted device, click on the Edit icon , type the new name into the Label field, then click the Save icon to save your changes. Learn more about managing your trusted devices.
Each time you successfully log in to LastPass using a mobile device, a randomly generated unique identifier for the mobile device (UUID) will be added to a list on the Mobile Devices tab. All devices listed here can be renamed, enabled, disabled, or deleted. If you rename the mobile device's UUID, be sure to click the Save icon to save your changes.
If you would like to restrict which devices can log into your LastPass account, click Enable or Disable at the bottom of the window to restrict access to all mobile devices except those allowed to access your LastPass Vault.
LastPass does not restrict mobile login by default. Learn more.
Note: By default, LastPass does not store any default Never URLs.
You may encounter a Site that you do not want LastPass to offer to save, generate a password for, fill forms, autologin, or autofill. The ‘Never URLs’ tab allows you to view, edit, and add all of those Sites for which you do not want LastPass to ever act on. Learn more about managing Never URLs.
If you access multiple websites from a single provider, adding these Sites as equivalent domains allows you to use just one username and password. Learn more.
If you have multiple logins for a particular domain, LastPass fills in the closest URL match by default, but will display all Sites from that domain in its matching list.
This behavior can be changed to only show Sites that match particular hosts/paths by managing your URL Rules. To manage your URL Rules, go to your active LastPass icon > Account Settings > URL Rules. Click the Delete Entry icon to delete the URL rule. Learn more.