At LastPass, we strongly encourage our users to take advantage of our multifactor authentication options. Multifactor authentication requires the user to present both username/password and information from another, often physical, item. This means that if a hacker gets your password, they are still unable to access your LastPass account without this second factor.
LastPass offers multifactor authentication as a Premium feature, but we also believe that everyone should be protected online, so we have created the Grid Multifactor Authentication as a feature available to both Premium and non-Premium users.
To activate Grid, launch your Account Settings by going to your LastPass Icon, then Preferences, Accounts Settings, Launch Account Settings:
You can also launch your Account Settings dialog by directly logging into your Online Vault from the LastPass website and clicking on the ‘Settings’ link in the left-hand menu.
In the dialog box that pops up, click on the Security tab (second over from the left), where you will see the option to activate your Grid by checking the box:
LastPass will pop a message recommending that you print your Grid. By clicking ‘Print your Grid’, you can view and print the spreadsheet-like Grid of randomly generated characters:
Allow Mobile and Bookmarklet Access to Bypass Grid: As Grid Authentication is not currently supported on our mobile apps, this option controls whether mobile devices and bookmarklets will be allowed to bypass Grid multifactor authentication when enabled.
Allow Offline Access: Controls whether access to your Vault will be allowed when you are not connected to the Internet. Allowing offline access to your Vault is slightly less secure since Grid can not be actively validated.
Logging In With Grid
Once Grid has been activated, you can log in to your LastPass plugin by providing your email and Master Password as usual. After you press Submit, you will be prompted to provide 4 random values off of your Grid:
You look up each value on the grid and enter it. Grid look-ups are performed much like the game Battleship. Using the sample Grid image shown above as an example, if you were asked for U7, M8, I5, AND K5, the answers would be ‘d, n, p, q.’ Access to your LastPass Account will only be granted if all 4 values are correct.
If you trust the computer, click the Trust checkbox on the Grid dialog so you will not be re-prompted to enter Grid values the next time you log in.
Grid can be deactivated at any time once you are logged in to your Online Vault and uncheck the Grid option in Settings.