cancel
Showing results for 
Search instead for 
Did you mean: 
ColinW
New Contributor

Re: Passwordless is possible - today!

I really did try and set this up today (the instructions are not very clear) as it looks like a useful feature, however, it went horribly wrong for me.

 

I received a warning message on my Last Pass iOS Authentication App: "Backup requires multifactor authentication" — I really do not want to turn off backups — who would?

Anyway I pressed on as I wanted to see how Oasswordless would work, and all looked good as I got to the Passwordless login to my vault on my iMac, but nothing was ever sent to the iOS Authenticator for me to confirm.  I had to use SMS as a backup method to gain access.  I did try a couple of times, but SMS was needed each time.

I had to switch back the Account Settings to use good old Password and MFA.

Does anyone have any ideas on both the Backup compatibility issue and what might have stopped Passwordless from working, or where to get help on these issues?

Thanks,

 

Colin

Tags (2)
AshC
GoTo Moderator

Re: Passwordless is possible - today!

@Glimmie  Feel free to give us a call if you're still experiencing trouble linking the LastPass Authenticator to your account. 

 

@ColinW  Did you previously have multiple MFA options set up for your account?  (At the moment only the LastPass Authenticator is compatible) 

 


Ash is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
ColinW
New Contributor

Re: Passwordless is possible - today!

@AshC — I did have Google Authenticator set up (in addition to the LastPass Authenticator) , but I disabled Google Authenticator in Account Settings as part of trying to set up Passwordless.

greg15
Active Contributor

Re: Passwordless is possible - today!

I've been using Lastpass for over 7 years. I tested passwordless. It is a nice feature, but because it only works with the LP Authenticator and that forces you to use SMS backup, in my mind it's less secure than the other authenticator apps, so I won't use it. Kind of defeats the purpose of having an app at all. You seem to be pushing through a lot of improvements, which is nice...but 1Password offers support for Yubikey U2F instead of just OTP and has a Secret Key built-in, which in my mind may or may not make them more secure from a server side attack. I've been testing 1P, and their UI may be slightly more responsive as well. I have to manage not just my own account but others' as well you understand. I'm not a fan of LP SMS account recovery either. 1Password does not use this at all but offers an "Emergency Kit." Seems more secure. I'm probably missing something here, just not sure what? Please let me know. Thanks.

RonWeasley
Active Contributor

Re: Passwordless is possible - today!

Completely agree. SMS-based 2FA or recovery methods represent horrible vulnerabilities which I try to steer well clear of.