HELP FILE

What is a Recovery One Time Password in LastPass?

The Recovery One Time Password is used as a means of recovery to allow you to change your Master Password and gain access to your LastPass Vault if your Master Password is ever forgotten. Since your Vault is encrypted, this is the key that is used to decrypt it during account recovery.

A Recovery One Time Password is something that is created for you automatically when you log in to LastPass via the web browser extension, and is not something you can write down.

When you log in to the LastPass web browser extension on multiple browsers and devices that you trust, you create a Recovery One Time Password on each browser and device. This means that if you ever make a change to your LastPass account that causes your Vault to be re-encrypted, the Recovery One Time Password will become invalidated on that device, but you could still reset your Master Password from another device where you had logged in to the LastPass web browser extension. Here are some actions that would cause your Recovery One Time Password to be lost or invalidated:
  • Changing your Master Password on a mobile device (invalidates ALL Recovery One Time Passwords stored in your web browsers)
  • Uninstall/reinstall of the LastPass web browser extension
  • Disabling the LastPass web browser extension
  • Clearing your LastPass cache
  • Reformatting your computer
  • Unintentional corruption of your encrypted Vault cache (this is rare, but can be caused by other programs on your machine)

Learn how to create Recovery One Time Passwords from your desktop and/or mobile devices.