Why am I not being prompted for Multifactor Authentication?
If your account is enabled to use Multifactor Authentication and you are not being prompted to authenticate upon logging in, this is expected behavior if your device is set to trusted or you are accessing the offline version of your LastPass Vault (with the exception for the YubiKey and Sesame authenticators).
To be prompted for Multifactor Authentication again, you can revoke trust or disable offline access for your device.
- Log in to LastPass via the web browser extension and access your Vault.
- Click Account Settings in the left navigation.
- Click the Trust Devices tab.
- In the "Label" column, locate your device (the default auto-generated name will be alphanumeric, unless you re-named it), then uncheck the box for "Enabled". When finished, close the Account Settings window.
- You may be logging in to the offline version of your LastPass Vault (if your authenticator settings are enabled to allow offline access).
- Your device has been set to trusted, which does not prompt for Multifactor Authentication for up to 30 days
- If you have not done so, log in to LastPass.
- In your web browser toolbar, click the LastPass icon then click Open My Vault.
- Select Account Settings in the left navigation.
- Click on the Multifactor Options tab.
- Click the Edit icon to the right of your desired multifactor option.
- For the "Enabled" option, use the drop-down menu to select Yes.
- For the "Permit Offline Access" option, use the drop-down menu to select Disallow, which requires the use of Multifactor Authentication and to be connected to the internet when using LastPass.
- Configure all other required fields for your authenticator (if applicable), then click Update when finished.
- Enter your Master Password, then click Continue.
- If you have already set up Multifactor Authentication for this authenticator, you are done. If you have not, follow the steps to enroll your device. Instructions will vary depending on the authenticator app you have selected.