How many recovery options do you have enabled?

GlennD · ‎10-19-2020

Hi,

Quick poll: How many recovery options do you have enabled?

Account recovery is something you hope you will never have to use, but if for some reason you are unable to correctly enter you Master Password one day you will need it. The good news is there is more than one recovery method, but you have to set them up now while you are able to sign in successfully.

The most commonly used recovery option is through the browser extensions, but this should be seen as the last option and not the main one you rely on. This method is dependent on a special recovery one-time password that is generated when you sign-in to the extension successfully and stored in your web browser. However, if for any reason you clear your browser cache it will be deleted until you sign-in successfully again.

Pro Tip: If you have more than one web browser on your computer, install the LastPass extension on all of them and sign-in to them multiple times, that way if your main browser loses it's recovery one-time password you have a back up option with the other browser you do not normally use.

This support article explains how to set up all of the available recovery options, if you have not gotten around to setting any up yet why not take some time now? How do I set up all account recovery options for LastPass?

Remember, LastPass Customer Care has no knowledge of a user's Master Password. It is not possible for LastPass Customer Care to reset or change a user's Master Password if it is forgotten.

Please note if you are a LastPass Free customer:

LastPass Free customers that select mobile as their device type can still use the browser extensions for account recovery and other account settings, they just do not have access to their vault through the extension. In the same way, customers that select desktop as their device can still use the mobile app for account recovery.

Glenn is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!.

Free new user and admin training

minsik · ‎11-06-2020

I am constantly cleaning the browser cache as a clean machine is sweet and fast, yet in this case its a possible disaster? Therefore OTP is Not available to me?

RachelO · ‎11-09-2020

Hello @minsik,

Yes, if you clear your browser's cache often this can delete the recovery one-time password saved for that browser and thus you wouldn't be able to recover your master password in that browser if you were to ever need to reset it. We would recommend installing a second browser that you do not plan to use or clear the cache for often and logging in to the LastPass extension in that second browser a few times so that you can generate a recovery one-time password in that browser and have that available in case you ever need to reset your master password in the future.

RachelO is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudos!

peterjohnee1 · ‎12-21-2020

Everything will be a fine, cookie clicker hot game.

EvoLeadr · ‎12-22-2020

All of them 🙂
Ive been on a mission for some time to get SUPER clear with PW and backups etc and encourage it fully to my clients.

But I've a question on this topic...

LP contains all my PW's and sensitive data, so ideally I want it super secure.

I also use a 3rd party 2FA tool, which has its own set of PW

I also use email of course, and want this to have 2FA.

Im not travelling, and want to protect myself from "no device situation".

Assume everything is stolen, lost, whatever.

But I find I have no device.

Say I buy a new laptop to get back up and running.

Say I know my LP master PW and go to log into LP.

LP see's it as an unrecognised device, prevents me logging in, sends me an email to verify the device can be trusted.

But I cant log into my email, because the PW is in LP.

How would I mitigate this situation? Can LP let me in somehow? Would a OTP usurp the need for a device to be trusted?

Cheers
D

GlennD · ‎12-23-2020

Hi @EvoLeadr

In that situation, since you know your Master Password you would need to open a support ticket and answer some questions so we could allow you to by pass the 2FA requirement and sign in from your new device.

Glenn is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!.

Free new user and admin training

EvoLeadr · ‎12-23-2020

Thanks Glenn,

I appreciate the response.

I treat this like insurance, I hope to never need it...but if I do,I want to make sure i'm covered.

Because I don't have any security questions set up.

What would you ask me? How could I be sure I have the answers? LP is like my super secure storage, so I keep answers in their, which I of course would not have access to.

Can you please clarify how I know, today, that i could gain access?

Could I email them to go through the process anyway?

Kind regards

D

GlennD · ‎12-23-2020

Hi @EvoLeadr

Sorry, I cannot go into any detail about the questions you would be asked. The best thing you can do is enable as many of recovery options as possible. If you have an old computer or mobile device that you no longer use, install the LastPass extensions and recovery options on it as a back up in case you every lose your main device for any reason.

Glenn is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!.

Free new user and admin training

EvoLeadr · ‎12-24-2020

Hey Glenn.

I understand you could not do it here dude, no worries.
What email would I use to speak to an internal team. I’d like to go through the process please.

The whole point of this is if I lose ALL devices. Which has happened to me before when my bus left, with all my bags on it whilst I was using the bathroom and had no phone.
It made me aware of the fragility of things. So I tightened everything.

Hence why I liked this post you wrote, right on point for me.

Re backups etc...I’m only aware of

1. Master password. CHECK. I know this.

2. OTP. CHECK. I have some of these printed. But if I know my MP, these are not needed anyway.

3. Recovery passwords. CHECK. I have maybe 4 browsers on my machine and one browser has over 20 profiles all with LP logged in. But no good if I’ve lost my device.

Are there more?

If so please do share.

It’s not about bypassing 2FA (although that is the 2nd step), but first it’s pre 2FA.

When I sign into my account on a new device that LP does not recognise, it prevents log in pending an email to verify that I trust the device.

That is my question.

If I can’t access my email as the PW is in LP, how could I tell LP to trust a device?

If it’s support I need to email, then I’d like the email and to undergo the process.
Because if it takes 3 days (for example) then knowing this now ahead of time is important. 3 days is a long time if you've lost devices, and cash cards etc and trying to regain access to your normal stuff.

Hope this is more clear now.

Cheers bud,
D

jpenny84 · ‎12-25-2020

Your solutions are to either keep the email password accessable outside of LastPass, or disable unknown device or location verification. Alternatively, use the email provider's password reset procedure.

How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?

Re: How many recovery options do you have enabled?