LastPass supports multifactor authentication with Duo Security. Duo Security is a secure two-factor authentication application offered for all leading smartphone platforms, including Android, iPhone, BlackBerry, and Windows Phone. You can get Duo Security here: https://www.duosecurity.com/editions
Set Up A New Application
- In order to use Duo Security, a Duo account is required. Register for an account here: https://www.duosecurity.com/lastpass.
- Log in to your Duo account.
- In the left menu, choose Applications > Protect Application.
- Search for LastPass in the list and click Protect this Application.
- On the next page, you’ll find the following information: Integration key, Secret key, and API hostname. Note these values for later.
- Log in to your LastPass Vault and go to Settings > Multifactor Options > Duo Security.
- Enter the Integration key, Secret key, and API hostname from before.
- Switch Duo Security Authentication to Enabled and click Continue.
- Enter your master password.
- Confirm your Duo Security username.
- A popup will appear to enroll your mobile device. Click Enroll.
- It will open a new browser tab. Follow the instructions to start the enrollment.
- Select the type of device that you would like to enroll and then click the “Continue” button. You will then be given on-screen instructions on how to enroll each specific device. Note that LastPass only supports one device at this time.
Once you have enrolled the device(s) that you would like to use for Duo authentication, you can then authenticate with Duo during the login process.
Using SMS Passcodes to Authenticate
Once you finish enabling Duo Security, the next time you log in to LastPass you will be presented with the Duo Authentication Window after entering your login credentials. From this window you can switch from Duo Push to authentication codes sent via SMS: click the “Next SMS password starts with 3 (send more)” link to have the codes sent to your registered device.
Logging in Offline
When multifactor authentication is enabled, you can choose whether to allow LastPass to store an encrypted vault locally so that you can log in without an internet connection. If you enable offline access, you will be able to log in without using multifactor authentication (with the exception of YubiKey) in case of a connectivity issue.
With some internet configurations (typically wireless connections and waking from sleep), LastPass may log in offline first, before establishing connectivity to your online vault and prompting for your authenticator code. This may cause LastPass to AutoFill any login credentials you have saved for the page you are currently on. If you wish to disable offline access, you may do so in your account settings.
If you have switched phones or Duo tokens, follow the steps below to set up your LastPass account with Duo again:
- Disable Duo authentication for your LastPass account.
- Have the Duo admin go to Duo Admin Panel > Users tab, click on your account, and remove your phone number under Phones.
- Log in to your LastPass account and re-enable Duo authentication. You will be prompted to enroll your device again.