HELP FILE

Use Temporary (One-Time) Passwords

When accessing LastPass from a public computer, you may want not want to use your Master Password, because someone else may be able to access it (using a keylogger to capture your typed keys or other malware). Additionally, you do not know what kind of security is implemented on that computer. To solve this problem, LastPass provides you with one-time passwords that only work for one logon session – so even if someone else gets access to a previously used one-time password, they will not be able to use it to log on to your account. To use the one-time password feature, you generate a list of temporary passwords ahead of time and cross them off as they are used.

Note: If you are concerned that your LastPass account has been compromised, follow these steps.

Topics in this article:

Generate One-Time Passwords

Log in Using a One-Time Password

Invalidate One-Time Passwords

Generate One-Time Passwords

To generate a list of one-time passwords, do the following:

  1. If you have not done so, log in to LastPass.
  2. In your web browser toolbar, click the LastPass icon then click Open My Vault.
  3. Click the Expand icon in the left menu, then click More options.
  1. If the Advanced menu is not already expanded, click it.
  1. Click One Time Passwords.

  1. Enter your Master Password, and click OK.

  1. Click Add a new One Time Password. Repeat this step as many times as you wish to generate a list of one-time passwords.

  1. Click Print, and keep the passwords in a safe place, crossing them off as you use them. (If you find it more convenient, using your web browser, you can print the passwords to a PDF file so that you can copy and paste them later).

Log in Using a One-Time Password

To log on to LastPass using a one-time password, do the following:

  1. From LastPass.com, click Log In,

  1. Click Log in using a One Time Password.

  1. Enter your email address and a one-time password.

  1. Complete steps for Multifactor Authentication, if it is enabled on your account.

Invalidate One-Time Passwords

If you are concerned that someone may have gotten access to your one-time passwords, you can invalidate them by doing the following:

  1. If you have not done so, log in to LastPass.
  2. In your web browser toolbar, click the LastPass icon then click Open My Vault.
  3. Click the Expand icon in the left menu, then click More options.
  1. If the Advanced menu is not already expanded, click it.
  1. Click One Time Passwords.

  1. Enter your Master Password, and click OK.

  1. Click Clear all OTPs.

  1. The system indicates that you no longer have any one-time passwords. You can now either close the browser window or create new one-time passwords using the Add a new One Time Password link.