Multifactor Authentication - Approve Device Duration

cfoxcvg · ‎02-11-2022

When logging in you currently have the option to approve the device for 30 days. I would like a 1 day option. Often I am on a computer and need to log in to LastPass many times a day but I currently have to use Multifactor Authentication every time. having the only option to be an excessive 30 days seems useless from a security perspective. Having a 1 days option would be much more secure but also allow for some convenience.

JayMeIn · ‎02-11-2022

With several requests asking for shorter periods, and longer periods, of time to not need the MFA entered again, I suggest replacing the 'Don't ask again for 30 days' with a 'Don't ask again for [_] days' and having a field in which you can enter a number from 1 to whatever number of days you want to remain without needing a MFA check again.

Another help with the longer MFA remembering request would be to show, someplace, the number of days remaining until a MFA check after you login and a way to enter your MFA to increase that day count when it is convenient for you. As others have stated, having the MFA request appear on a well trusted device when you don't have your 2nd factor device around is an issue.

cfoxcvg · ‎02-11-2022

I love the idea of entering a custom time frame.
I was mostly thinking of the computer at my desk or whatever station I am at that day. I do not want to be exposed more than the day I am working. I don’t mind a daily requirement but at times I am logging in 10-15 times a day and have to open the authenticator each time. It’s a hassle.