LastPass Enterprise customers can utilize multifactor authentication with Symantec VIP. It provides one-time password codes from a smartphone app that the user can key in as they login to their LastPass account. The Symantec VIP app is available for Android, iOS, BlackBerry, and Windows Phone, in addition to other gateways and platforms.
Integrating with Symantec VIP
To start using Symantec VIP, a Symantec account is required. If you are not already using the service, you must first register here: https://manager.vip.symantec.com/vipmgr/createtrialaccount.v. Then you must provide LastPass with a certificate for your Symantec VIP account.
- Within Symantec VIP Manager, go to Account > Manage VIP Certificates.
- Request a certificate for LastPass and download it in PEM format.
- Open the LastPass Admin Console (LastPass Icon > Admin Console).
- Navigate to the Setup page, and under “Policies” click the link for “Other Enterprise options”.
- Click through to Symantec VIP and upload the file, then enter the Certificate Password.
- Update the settings.
Enabling Symantec VIP
To enable Symantec VIP with a user’s LastPass account, the above steps to set up the integration must be completed first before the following steps can be completed by the user.
- Download the Symantec “VIP Access” app to your smartphone from the app store on your device.
- Ensure the Admin has added the user’s Credential ID as a registered device in the Symantec VIP Manager (under the dashboard choose Find / Modify Credential). Or use the self-service portal: https://support.symantec.com/en_US/article.TECH200437.html to register new devices. If the company has already deployed Symantec VIP it’s likely that all user devices are already registered.
- Then the user can login to LastPass.
- Open the LastPass icon > My LastPass Vault, and launch “Account Settings”.
- Select the “Multifactor Options” tab.
- Scroll down to Symantec VIP and click the “edit” (pencil) button.
- Change “Enabled” to “Yes”.
- Click the “Update”.
- Enter the master password.
- Then enter the “Credential ID” number that appears on the “VIP Access” app.
- Then enter the “Security Code” that is generated on the “VIP Access” app. A new 6-digit code is generated every 30 seconds.
- Once the above are successfully entered, Symantec VIP is enabled for the LastPass account. The next time the user logs in to their LastPass account they will need to provide the Security Code generated by the VIP Access app.
Requiring Symantec VIP with Policies
Enterprise Admins may want to require that all users have Symantec VIP enabled for multifactor authentication. To set up the policy with Symantec VIP:
- Open the Admin Console (LastPass Icon > Admin Console).
- Open the “Setup” tab.
- Click “Add Policy”.
- Under the “Multifactor” policies, select the “Require use of Symantec VIP”.
- Determine who the policy applies to (All users, an Inclusive list of users, or an Exclusive list of users).
- Save your changes.
- Each user will need to configure Symantec VIP for their account the next time they login to LastPass.
Logging in Offline
When multifactor authentication is enabled, you can choose whether to allow LastPass to store an encrypted vault locally so you can log in without an internet connection or not. If you enable offline access, you will be able to login without using Multifactor (with the exception of Yubikey) in case of a connectivity issue.
With some internet configurations (typically wireless connections and waking from sleep), LastPass may log in offline first before establishing connectivity to your online vault and prompting for your authenticator code. This may cause LastPass to AutoFill any login credentials you have saved in LastPass for the current page you are on. If you wish to disable offline access, you may do so in your account settings.
Table of Contents
- Help Center and FAQs
- LastPass Now Free On All Devices
- Migrating Accounts From Meldium to LastPass
- Getting Started with LastPass
- Downloading and Installing LastPass
- Using LastPass on Your Mobile Device
- LastPass App for Mac OSX
- Navigating the LastPass Browser Extension
- Your LastPass Vault
- Adding & Filling Sites
- Editing an Existing Site Entry and Editing Form Fields
- Importing Passwords
- Account Settings
- Emergency Access
- Browser Extension Preferences
- Sharing & Share Center
- Secure Notes & Attachments
- Generating Secure Passwords
- Using LastPass to Fill Forms
- Protecting Your Account with Multifactor Authentication
- Filling into Windows Applications
- LastPass Security Challenge
- LastPass Credit Monitoring
- LastPass Command Line Application
- LastPass via USB
- Windows 8 Metro
- Uninstalling & Deleting
- Site Map