Why do I see a message, "This link has already been used or expired" when registering the LastPass MFA app?

You may encounter a message about the registration link expiring when attempting to activate passwordless authentication for your LastPass account.


As a LastPass user, you attempt to register passwordless authentication but when you click Start Registration in the registration email, you encounter a message, "Warning – This link has already been used or expired. If you did not expect this message, please contact your LastPass administrator."


The link in the registration email has already been used or is expired. A link can become expired if you attempt the recovery flow (steps outlined here) multiple times, as the system will only allow you to use the registration link that was last sent. This means that sending yourself a new one will expire any previously sent registration links.


As a user, you can do either of the following:

  • Send yourself a registration email (steps outlined here) and immediately go through the process of registering passwordless authentication for your LastPass account on your mobile device.
    Restriction: If you have a LastPass business account, the ability to perform these actions may be limited or prohibited due to policies enabled by your LastPass admin.
  • Contact your LastPass admin and request that they send you a new activation email (instructions for admins).