For more information about the LastPass security incident please visit our blog
It would be good to have a policy setting to require users enter Recovery Information. This would reduce friction for support staff. It would also be useful to be able to report on whcih users do or do not have it set.
There are currently policies available to require users to use multi-factor authentication (Require any MFA option) and also a policy which allows selected admins to reset the master password of any user in your enterprise (Permit super admins to reset master passwords) so that admins and users can reset their master passwords, and I have passed along this idea to our development team as well for consideration in future updates to LastPass.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.