We have updated the messaging displayed when a Login verification email is sent or the Master Password was mistyped:
For your security:
1. Check your inbox to verify it's you.
2. No email from LastPass? Review your login info and try again.
If you are trying to log in to LastPass and see this error message this means that either:
There are a number of reasons why your IP or device might not be recognized even if you have used it before, especially if you are signing in directly through the browser and not a LastPass extension or App. So before you try account recovery or anything else, please check your email (if you set up a security email you will need to check that).
We are always working to ensure top security for our users. To combat recent unusual activity targeting our customers, we added an additional security system to further detect and flag suspicious bot activity and verify a LastPass user’s identity. Following feedback from our users, we have since resolved the login issues reported. As always, delivering a secure, reliable service for our users remains our top priority.
Currently, verification by email is the only option for this particular situation.
We may add another authentication option besides email in the future.
Please Note: If you do not have access to your email account and there is no way to recover access to your email account through your email provider, you will need to open a support ticket, and please make sure to include an alternate email address that you can be reached at (create one if necessary).
Solved! Go to Solution.
@GlennDHow come my extension was signed in just yesterday. Also, I clearly remember that after changing the password 3 months ago I had to log in the extension again.
On my other machine I can get to the token input field, and it just says the token is wrong (even though it's correct). But I'm fairly sure I haven't logged in there since I changed to password.
Edit: I also had to enter 2FA just recently.
Hello to all,
This situation is unacceptable, to regain access to my lastpass I had to return to my office from an out-of-city trip just because of the changes made during the last week.
That being said I sent various support e-mails to (email removed by GlennD 5/24/21) , none of which were answered within 3 days, and the one that was answered was incorrectly answered assuming it was a BUG.
To the LastPass Team, I understand you are facing a crisis right now due to the recent changes, yet the way you are handling this speaks volumes, I suggest a clear communication to the affected users and an inmediate response team. Real time and money is being lost as we speak, and not only dozens but possibly hundreds are being affected.
I am getting the "review info and try again" message, now for a new time after one of your support people unlocked me last time.
I am sure I turned off the IP lock feature you mentioned, because I use a VPN and my IP address is liable to change regularly. I frankly can't believe you set up such a thing without a clear understanding of the number of problems it would create for your support staff and your users.
But what gets me is that LastPass has my email address and phone number, yet I get NO EMAIL as stated. I know I should receive an email to verify it is me, but I don't receive it. And yes, I know to check the junk email folder.
Could you please clear the lock? I am sure that no one but me knows the Master Password. Or get your system to send me the verification email. I don't object to having to jump through hoops to prove it's me. But I do object to being told there are hoops, when they aren't presented.
I use a 40+ character master password, and I do know what it is. Just how am I supposed to unlock it, or prove it's me, when I don't get the email, text message or anything? I'm not about to sign up for the paid-for version of your software until it's reliable enough to pay for.
We are always working to ensure top security for our users. To combat recent unusual activity targeting our customers, we added an additional security system to further detect and flag suspicious bot activity and verify a LastPass user’s identity. Following feedback from our users, we have since resolved the login issues reported. As always, delivering a secure, reliable service for our users remains our top priority."
How is this "resolved" ? My mother still has the problem each and every time she tries to log in.
Thanks, RB 21.
Do you or anyone else (and in particular LastPass employees) know the answer to this question below. I do not know the answer.
I start the VPV on my PC and confirm this. I turn off the VPN. I immediately log in to LastPass and then restart the VPN immediately. I am using TunnelBear as my VPN.
Question: To what extent, if any, has my master password been compromised, or potentially compromised, because I had to enter it into the LastPass log in box in my LastPass extension on Google Chrome during this very brief time that the VPN was turned off?
Thanks in advance.
20 PAGES OF CUSTOMERS INCONVENIENCED BY THIS MESS
HOW EXACTLY AM I SUPPOSED TO KNOW YOU SENT AN EMAIL WHEN YOU DO NOT SAY TO CHECK
MORE IMPORTANTLY MY EMAIL HAS A LONG AND COMPLEX PASSWORD GENERATED BY LASTPASS
I DO NOT HAVE ACCESS TO MY EMAIL BECAUSE IT IS SUPPOSED TO BE PROTECTED BY LASTPASS, INSTEAD LASTPASS IS PEVENTING ME ACCESSING MY EMAIL AND ALL MY OTHER SITES.
HOW EXACTLY AM I SUPPOSED TO RESOLVE THIS CHICKEN AND EGG PROBLEM
I HAD A PROBLEM LIKE THIS A FEW YEARS AGO WITH LASTPASS AND I TURNED OFF THIS SO CALLED PROTECTION.
SO HOW COME IT IS HAPPENING AGAIN WHEN I DISABLED THIS "FEATURE"
THERE WAS A TIME WHEN LASTPASS VAULT WAS ACCESSIBLE OFFLINE AS LONG AS THE CORRECT PASSWORD HAD BEEN ENTERED.
THIS IS A SCHOOLBOY ERROR OF LOGMEIN NEARLY 100 CUSTOMERS ALREADY UPSET ABOUT THIS.
NOW PLEASE FIX IT
DO NOT TELL ME TO CHECK MY EMAIL BECAUSE I CAN'T ACCESS MY EMAIL ACCOUNT BECAUSE THE PASSWORD IS HELD IN LASTPASS VAULT AND THE VAULT SENT A SECRET EMAIL TO MY NOW INACCESSIBLE EMAIL BECAUSE I NEED LASSPASS IN ORDER TO ACCESS MY EMAIL WHICH NEEDS LASTPASS TO FILL THE PASSWORD BUT LASTPASS NEEDS ME TO ACCESS MY EMAIL YET MY EMAIL NEEDS LASTPASS WHICH NEEDS MY EMAIL WHICH WILL NOT LET ME IN UNLESS LASSPASS PUTS IN THE PASSWORD BUT THAT WILL NOT HAPPEN UNTIL I ACCESS MY EMAIL WHICH I CAN'T DO WITHOUT LASTPASS
WELCOME TO MY WORLD
I'm using a VPN, and getting the above message. I am entering valid info - the correct master password. I get the emails, click "Verify new device or location", and I still can't log in. That even happens when I disable the VPN. I have used the VPN for years, and this just started.
I also rely on a VPN. The idiot developers at LastPass/LogMeIn introduced a regression (BUG) back on May 10th/11th. They systematically ignore the settings under:
Advanced Settings, -> Country Restriction -> Only allow login from selected countries: ->
Even with that check box checked, and with the following countries checked:
Vpn / Anonymous Proxy
It still doesn't work.
The interesting thing is that this has worked for years. I've been using this WITH A VPN since 2013, maybe 2014 or so. LastPass won't admit they introduced a bug. They won't even try to fix it.
I've been reaching out to the technology press, folks like Andrew Cunningham (Twitter @AndrewWrites) and Thorin Klosowski (Twitter @kingthor) with the NYT trying to get some reporters to look into them. Cunningham & Klosowski actually gave LastPass a recommendation and I'm hoping to get them to retract that.
Maybe if enough people bitch loud enough, and enough tech mags pull their recommendations, maybe these ID10Ts will get off their A$$E$ and do something about this.
Anyone out there know a good class-action atty?