LastPass supports multifactor authentication with Duo Security. It is a secure, two-factor authentication application offered for all leading smartphone platforms, including Android, iPhone, Blackberry, and Windows Phone.
Setup a New Integration
- In order to use Duo Security, a Duo account is required. Register for an account here: https://www.duosecurity.com/lastpass.
- Login to your Duo account.
- In the left menu, choose Applications > + New Applications
- For Application type, choose “LastPass”. Pick any name for your Application name.
- Click Create Application
- On the next page, you’ll find the following information: Integration key, Secret key, and API hostname. Note these values for later.
- Login to your LastPass Vault and go to Settings > Multifactor Options > Duo Security
- Enter the Integration key, Secret key, and API hostname from before
- Switch Duo Security Authentication to Enabled
- A popup will appear to enroll your mobile device:
- Select the type of device that you would like to enroll and then click the “Continue” button. You will then be given on-screen instructions on how to enroll each specific device. Note that LastPass only supports one device at this time.
Once you have enrolled the device(s) that you would like to use for Duo authentication, you can then use it to authenticate you in the login process.
Using SMS Passcodes to Authenticate
When being prompted from LastPass to authenticate your account, you can elect to send an SMS Passcode to your registered mobile device. By clicking the “Send SMS passcodes” link in the Multifactor Authentication window.
If you wish to switch back to Duo Push later, please disable Duo Security in LastPass first. Then delete your registered device in Duo Admin Panel > Devices and start over.