Quick poll: How many recovery options do you have enabled?
Account recovery is something you hope you will never have to use, but if for some reason you are unable to correctly enter you Master Password one day you will need it. The good news is there is more than one recovery method, but you have to set them up now while you are able to sign in successfully.
The most commonly used recovery option is through the browser extensions, but this should be seen as the last option and not the main one you rely on. This method is dependent on a special recovery one-time password that is generated when you sign-in to the extension successfully and stored in your web browser. However, if for any reason you clear your browser cache it will be deleted until you sign-in successfully again.
Pro Tip: If you have more than one web browser on your computer, install the LastPass extension on all of them and sign-in to them multiple times, that way if your main browser loses it's recovery one-time password you have a back up option with the other browser you do not normally use.
This support article explains how to set up all of the available recovery options, if you have not gotten around to setting any up yet why not take some time now? How do I set up all account recovery options for LastPass?
Remember, LastPass Customer Care has no knowledge of a user's Master Password. It is not possible for LastPass Customer Care to reset or change a user's Master Password if it is forgotten.
Yes, if you clear your browser's cache often this can delete the recovery one-time password saved for that browser and thus you wouldn't be able to recover your master password in that browser if you were to ever need to reset it. We would recommend installing a second browser that you do not plan to use or clear the cache for often and logging in to the LastPass extension in that second browser a few times so that you can generate a recovery one-time password in that browser and have that available in case you ever need to reset your master password in the future.
All of them 🙂
Ive been on a mission for some time to get SUPER clear with PW and backups etc and encourage it fully to my clients.
But I've a question on this topic...
LP contains all my PW's and sensitive data, so ideally I want it super secure.
I also use a 3rd party 2FA tool, which has its own set of PW
I also use email of course, and want this to have 2FA.
Im not travelling, and want to protect myself from "no device situation".
Assume everything is stolen, lost, whatever.
But I find I have no device.
Say I buy a new laptop to get back up and running.
Say I know my LP master PW and go to log into LP.
LP see's it as an unrecognised device, prevents me logging in, sends me an email to verify the device can be trusted.
But I cant log into my email, because the PW is in LP.
How would I mitigate this situation? Can LP let me in somehow? Would a OTP usurp the need for a device to be trusted?
In that situation, since you know your Master Password you would need to open a support ticket and answer some questions so we could allow you to by pass the 2FA requirement and sign in from your new device.
I appreciate the response.
I treat this like insurance, I hope to never need it...but if I do,I want to make sure i'm covered.
Because I don't have any security questions set up.
What would you ask me? How could I be sure I have the answers? LP is like my super secure storage, so I keep answers in their, which I of course would not have access to.
Can you please clarify how I know, today, that i could gain access?
Could I email them to go through the process anyway?
Sorry, I cannot go into any detail about the questions you would be asked. The best thing you can do is enable as many of recovery options as possible. If you have an old computer or mobile device that you no longer use, install the LastPass extensions and recovery options on it as a back up in case you every lose your main device for any reason.