HELP FILE

Use Symantec VIP

You can utilize Multifactor Authentication with Symantec VIP. It provides one-time password codes from a mobile app that the user can key in as they log in to their LastPass account to authenticate.

Note: Feature availability may vary depending on your account type.

To get started, LastPass admins of LastPass Business accounts must complete the steps for enabling Multifactor Authentication in the Admin Console, as well as add all users' Credential IDs as registered devices in the Symantec VIP Manager portal (or by using the self-service portal here).

Once the administration steps are complete, LastPass users can set up and use Symantec VIP.

Set up and configure in LastPass

  1. Download the Symantec VIP Access authenticator app on your iOS or Android device.
  2. Log in to LastPass and access your Vault by doing either of the following:
    • In your web browser toolbar, click the LastPass icon LastPass then click Open My Vault.
    • Go to https://lastpass.com/?ac=1 and log in with your email address and Master Password.
  3. Select Account Settings in the left navigation.
  4. Click on the Multifactor Options tab.
  5. Click the Edit icon Edit option for Symantec VIP.
  6. For the "Enabled" option, select Yes from the drop-down menu.
  7. For the "Permit Offline Access" option, use the drop-down menu to choose from the following:
    • Select Allow if you wish to allow access to LastPass even when you are offline. This will store an encrypted Vault locally so you can log in without using Multifactor Authentication in case of a connectivity issue.
    • Select Disallow to prevent offline access, which requires the use of Multifactor Authentication and to be connected to the internet when using LastPass.
      Note: If this option is selected and you are not connected to the internet and/or https://lastpass.com is not available, you will be unable to access your Vault. Learn more about offline access.
  8. When finished, click Update.
  9. Enter your Master Password, then click Continue.
  10. Enter the "Credential ID" value that appears on the VIP Access app.
  11. Enter the 6-digit "Security Code" that is generated on the VIP Access app.
  12. Once both values are entered, Symantec VIP is enabled for your LastPass account.

Using the Symantec VIP authenticator to log in to LastPass

You can log in and access your LastPass Vault from a desktop or mobile device.

Log in from the desktop and authenticate

  1. Open the authenticator app on your mobile device.
  2. Log in to LastPass and access your Vault by doing either of the following:
    • In your web browser toolbar, click the LastPass icon LastPass then click Open My Vault.
    • Go to https://lastpass.com/?ac=1 then enter your username and Master Password and click Log In.
  3. When prompted for multifactor authentication, your default multifactor option is served (if multiple). If desired, you can click Additional Multifactor Options, then select your desired multifactor option from the list at the bottom.

    Note: If you are part of a company account and a policy has been enforced to only allow one multifactor option, the "Use Alternative Multifactor" section will not be displayed.

  4. Follow the prompts to authenticate, which will vary depending on how multifactor authentication is configured for your account (e.g., 6-digit passcode, SMS code, push notification, voice call, etc.).
  5. If desired, toggle on the switch for the Trust this computer for 30 days setting and provide a computer name on the LastPass authentication dialog. Otherwise, click Authenticate.

    Learn more about managing your trusted devices.

You have now logged in to LastPass and authenticated using the multifactor option configured for your account.

Log in from a mobile device and authenticate

  1. On your iOS or Android device, open the LastPass Password Manager mobile app.
  2. Enter your username and Master Password, then tap or select Log In.
  3. When prompted for multifactor authentication, your default multifactor option is served (if multiple). If desired, you can tap or select Use Alternate Multifactor, then select your desired multifactor option from the list at the bottom.

    Note: If you are part of a company account and a policy has been enforced to only allow one multifactor option, the "Use Alternative Multifactor" section will not be displayed.

  4. Follow the prompts to authenticate, which will vary depending on how multifactor authentication is configured for your account (e.g., 6-digit passcode, SMS code, push notification, voice call, etc.).
  5. If desired, you can toggle on the switch for Trust this device so you are not prompted to authenticate within the next 30 days. Otherwise, tap or select Next to continue.

    You have now logged in to the LastPass Password Manager mobile app and authenticated using the multifactor option configured for your account.

About using multiple multifactor authentication options

Please note that if you have more than one Multifactor Authentication option enabled for your account, you must select your desired default authentication option from the drop-down menu at the bottom of your Multifactor Options window in order to be prompted to authenticate with your preferred option when logging in to LastPass.

Disabling authentication for a lost or new device

If your phone number has changed or the mobile device used for authentication is lost, you can disable Multifactor Authentication via email so that you can log in to your LastPass account.