Use Microsoft Authenticator
Microsoft Authenticator is a multifactor app for mobile devices that generates time-based codes used during the Two-Step Verification process. Please note that one-tap push notification and 6-digit SMS code authentication options are not supported when using this mobile authenticator.
Note: Feature availability may vary depending on your account type.
For LastPass admins, it is recommended that you complete the steps for enabling Multifactor Authentication in the Admin Console.
Set up the Microsoft Authenticator app
- Install the Microsoft Authenticator app for iOS or Android, then open it.
- In the Microsoft Authenticator window, click View your barcode in the "To get started" section at the top of the window.
- When prompted, enter your Master Password then click Continue.
- On your mobile device, open the Microsoft Authenticator app, tap the Add icon or Add an Account option, then tap Scan barcode.
- Use your device camera to scan the barcode, which will automatically populate a new entry for LastPass in the Microsoft Authenticator app.
- Back on your web browser in the Microsoft Authenticator window, click OK once the barcode has been scanned.
Set up and configure in LastPass
- Log in to LastPass and access your Vault by doing either of the following:
- Go to https://lastpass.com/?ac=1 and log in with your username and Master Password.
- In your web browser toolbar, click the LastPass icon then click Open My Vault.
- Select Account Settings in the left navigation.
- Click on the Multifactor Options tab.
- Click the Edit icon for Microsoft Authenticator.
- For the "Enabled" option use the drop-down menu to select Yes.
- For the "Permit Offline Access" option, use the drop-down menu to choose from the following:
- Select Allow if you wish to allow access to Microsoft Authenticator even when you are offline. This will store an encrypted Vault locally so you can log in without using Multifactor Authentication in case of a connectivity issue.
- Select Disallow to prevent offline access, which requires the use of Multifactor Authentication and to be connected to the internet when using Microsoft Authenticator.
- For the "Barcode" option, click View to scan your QR code in the Microsoft Authenticator app.
- For the "Private Key" option, click View if your mobile device does not have a camera and you'd like to enter the private key manually into the Microsoft Authenticator app.
- For the "Regenerate Key" option, click Regenerate if you lost your mobile device or are concerned that the security of your existing key might have been compromised.
- For the "More Information" section, you can choose to be directed to the mobile app download or this article.
- Click Update when finished, then enter your Master Password and click Continue.
- When prompted, enter the verification code displayed in the Microsoft Authenticator app on your mobile device, then click OK.
- Click OK on the confirmation message that Microsoft Authenticator has been successfully set up.
Using the Microsoft Authenticator
- Open the Microsoft Authenticator app on your mobile device.
- On your desktop web browser, log in to LastPass at https://lastpass.com/?ac=1 with your username and Master Password.
- On your web browser, you can verify your login by entering the 6-digit code displayed in the mobile app. If desired, check the box to enable the option, "Trust this computer for 30 days" and provide a computer name, then click Authenticate. Learn more about managing your trusted devices.
About using multiple Multifactor Authentication options
Please note that if you have more than one Multifactor Authentication option enabled for your account, you must select your desired default authentication option from the drop-down menu at the bottom of your Multifactor Options window in order to be prompted to authenticate with your preferred option when logging in to LastPass.
Disabling authentication for a new or lost device
If your phone number has changed or the mobile device used for authentication is lost, you can disable Multifactor Authentication via email so that you can log in to your LastPass account.
About Migrating from Google Authenticator to Microsoft Authenticator
Please see the steps outlined in the following resources based on your role within your LastPass account:
- How to Migrate from Google Authenticator to Microsoft Authenticator (Admins)
- How to Migrate from Google Authenticator to Microsoft Authenticator (Users)