GlennD
GoTo Manager

How many recovery options do you have enabled?

Hi,

 

Quick poll: How many recovery options do you have enabled?

 

Account recovery is something you hope you will never have to use, but if for some reason you are unable to correctly enter your Master Password one day, you will need it. The good news is there is more than one recovery method, but you have to set them up now while you are able to sign in successfully.

 

The most commonly used recovery option is through the browser extensions, but this should be seen as the last option and not the main one you rely on. This method is dependent on a special recovery one-time password that is generated when you sign in to the extension successfully and stored in your web browser. However, if for any reason you clear your browser cache, it will be deleted until you sign in successfully again.

 

Pro Tip: If you have more than one web browser on your computer, install the LastPass extension on all of them and sign in to them multiple times. That way, if your main browser loses its recovery one-time password, you have a backup option with the other browser you do not normally use.

 

This support article explains how to set up all of the available recovery options. If you have not gotten around to setting any up yet, why not take some time now? How do I set up all account recovery options for LastPass?

 

Remember,  LastPass Customer Care has no knowledge of a user's Master Password. It is not possible for LastPass Customer Care to reset or change a user's Master Password if it is forgotten.

 

Please note if you are a LastPass Free customer:

 

LastPass Free customers that select mobile as their device type can still use the browser extensions for account recovery and other account settings, they just do not have access to their vault through the extension. In the same way, customers that select desktop as their device can still use the mobile app for account recovery.

 

 

 

Glenn is a member of the GoTo Community Care Team.

41 REPLIES
Bob20
Active Contributor

(RESOLVED!!)
Thanks guys. This means a lot to me.

jillkint
New Contributor

Helpful

Itsmebeccat
Active Contributor

He recommended putting the extension on all browsers but with the new guidelines and only one device allowed well that messes up mother**bleep**er gosh

You recommended putting the extension on all browsers but with the new guidelines and only one device allowed will that mess us up

Just wondering if you still recommend that since the new device limited guidelines
GlennD
GoTo Manager

LastPass Free customers that select mobile as their device type can still use the browser extensions for account recovery and other account settings, they just do not have access to their vault through the extension. In the same way, customers that select desktop as their device can still use the mobile app for account recovery.

Itsmebeccat
Active Contributor

OK well that is very helpful and I’m sure many others have wondered the same… Thank you Glenn

feveralburyau
New Contributor

Email option is working for recovery.

JayneG
New Contributor

Hi EvoLeadr,

I've been reading this with interest and appreciate your position - I feel the same.

I'm not great with IT at the best of times but really want to Nail the security and recovery of an enormous amount of sensitive and critical passwords held in LP.

I currently have 2FA turned on as the authenticator app on my mobile phone.  But in the event that both laptop and phone are gone - what then?

 

In layman's terms, can you tell me what you eventually decided to do? 

GlennD
GoTo Manager

@JayneG If that happens, as long as you know your Master Password you will be able to sign into your LastPass account from another device and access your data. LastPass support can help you if you lose access to your 2FA device; it is only when you cannot enter the Master Password correctly and have no recovery options enabled/left that you will be locked out of your account.

 

We advise having more than one recovery method set up, and encourage you to sign in on a regular basis so that you reenter your Master Password and it stays fresh in your memory. 

 

 

EvoLeadr
Active Contributor

Hey there @JayneG  thanks for your message.
I'm still surprised how much traction this post created and that it's not an upfront topic brought to the forefront by LP. It does seem a little avoided... and it's a BIG one IMO.

If I'm honest it brought up a LOT and I explored tonnes of options.

I disagree with @GlennD's comment:

"If that happens, as long as you know your Master Password you will be able to sign into your LastPass account from another device and access your data."

This assumes you have authorised another device. I know at the bottom of your thread you say "you advise" but this can easily be taken as not necessary, because it's only ADVISED.

From my testing and all these chats, if you do not have another approved device then you can't access LP without an email confirmation, which if you don't know your email pass (because it's in LP) then you are sc**wed. There is no one red magic pill though, as GlennD and others said, and LP's final response was for me to remember my MP and my email PW.

Where did I end up?
Well I now run TWO managers, LP and MyKi.

Why? I choose MyKi because...
1. There is no cloud, which is a concern for me. I do trust LP and their vault, but I always have concerns with anything that is cloud based. Esp. for the level of importance I place on my PWs.
2. They have BUILT IN 2FA, this is SOOOOOOOOO good. I mean it's super slick and was a massive sell feature for me.
3. I can manage multiple clients, all giving them different "companies" so I don't see 50 logins for one site. LP has identities, but switching between these is a faff. So for me, the use case of MyKi just really served.

PROBLEMS...
1. MyKi stores a LOCAL encrypted 256 file on my computer. So every day it backs up. To restore a backup, a bad actor would need to gain access to the file, a dedicated mobile number I use, they need to receive a text code sent to it and then restore it in MyKi software and then a pin to unlock it. So I feel confident that it's safe.
...BUT... I 100% need to look after that file. Which brings a whole host of different problems.
However, dealing with those problems is actually much easier than my LP problems (for me).
2. I still run LP. So I have both on the go. And my iPhone can only allow ONE password manager. So I can't run LP and MyKi on my mobile. But I'm OK with this ATM. I have not moved over 'cause I'm still new to MyKi, whereas I have like 7 years with LP and right now I trust LP in general more than MyKi (but only due to experience and the fact that I have less exp in managing the backup and what to do in the event of a problem with MyKi).

NEXT STEPS
I will run some scenarios, see how MyKi responds, what I would do, etc. etc.

There is no magic red pill.
It is a layer approach.
If you do not consider yourself very techie, MyKi might not be for you.
The responsibility of managing a backup file is a lot.

Personally, for ease, my suggestion to others I've spoken to is...
1. If you are securing your LP with 2FA, then save a backup code somewhere you can gain access. Or use a system that is not LP Authenticator so you can restore something. Many use AUTHY, as it backs up. But remember every backup to a cloud poses a risk. I suggest a physical copy of a backup code with someone you trust, or hide it deep in an email structure and/or phone contact so you could find it (using your memory to locate it on your device only! - this assumes your email has no 2FA).
2. Keep hold of your LP MP and email PW. From what I know, a VERY long password only made up of words/numbers (like a big sentence) is more secure than an 8 character PW that is randomly generated with symbols. Confirm this, but my point is you can have security for PWs without complexity. This way you can access your email if you don't have a browser or computer already authorised to access your LP account.
3. Authorise as many trusted devices as you can. So that you don't NEED your email PW.
 
All of this is my personal opinion.
I do like and trust LP, very much.
Using MyKi has made me see how dated LP is in some ways, but that doesn't mean new and shiny is better.

I hope this was helpful.
 
Kind regards
For a greater world for us all.
x
GlennD
GoTo Manager

Hi @EvoLeadr 

 

You misunderstood my reply so I am going to state this again to prevent any confusion for those reading the comments on this topic:

 

1. If you lose your 2FA/MFA device but you still have access to your email, you can disable 2FA/MFA on your account using your email and sign in to LastPass.

2. If you lose your 2FA/MFA device and you do not have access to your email, you can open a support ticket and LastPass support can disable 2FA/MFA on your account so you can sign in to LastPass.

 

The only thing LastPass support cannot help you with is if you cannot correctly remember your Master Password and you have no recovery options available to use.

 

 
