LastPass supports multifactor authentication with Duo Security. It is a secure, two-factor authentication application offered for all leading smartphone platforms, including Android, iPhone, Blackberry, and Windows Phone.
Register for a Duo Account
In order to use Duo Security, a Duo account is required. Register for an account here: https://www.duosecurity.com/lastpass.
Setup a New Integration
- Login to your Duo account.
- In the left menu, choose Integrations > + New Integration
- For Integration type, choose “LastPass”. Pick any name for your Integration name.
- Click Create Integration
- On the next page, you’ll find the following information: Integration key, Secret key, and API hostname. Note these values for later.
- Login to your LastPass Vault and go to Settings > Multifactor Options > Duo Security
- Enter the Integration key, Secret key, and API hostname from before
- Switch Duo Security Authentication to Enabled
- A popup will appear to enroll your mobile device:
- Select the type of device that you would like to enroll and then click the “Continue” button. You will then be given on-screen instructions on how to enroll each specific device. Note that LastPass only supports one device at this time.
Once you have enrolled the device(s) that you would like to use for Duo authentication, you can then use it to authenticate you in the login process.
Using SMS Passcodes to Authenticate
When being prompted from LastPass to authenticate your account, you can elect to send an SMS Passcode to your registered mobile device. By clicking the “Send SMS passcodes” link in the Multifactor Authentication window.