I support and help all my clients onboard onto LP, I love it, so please don't take my continued press on this topic the wrong way. But as a "the only password you will ever need to know" mantra, do you not think this is a poor solution? To have to remember a 2nd password?
I feel my situation is a valid one, to find yourself without a device.
And I'm pretty confident that, without a device or remembering a password, no email provider that has 2FA set up is going to allow you to just reset it (they'll want to call you, text you, or email a backup email account).
The whole point with LP is to only need access to it? Surely this is a problem?
@EvoLeadr There comes a point where you have to decide what is the balance between security and convenience that you are comfortable with. You can always do routine exports of your vault and secure them some place else just in case.
It's a great question. Keep pushing for an answer, as I still haven't found a workable one, other than remembering my email password (in addition to my LP Master Password).
Prior to people attempting to answer your question, they should grab someone else's phone and try to log into LastPass. THEN, they should answer. The answer might come easy to some, but it definitely wasn't obvious when it happened to me. (Fortunately, after a couple of days while traveling, I was able to buy a new phone, insert my SIM card, and restore it.)
Hey there, I did get a formal answer from LP when I emailed them.
1. There is NO way to turn off "trusted devices", which means 100% you need your own access to your email to verify if you are trying to sign in from a new device.
2. If you have 2FA turned on for LP, then it's even more of a nightmare. I'm currently waiting on a detailed response on the LP process to gain entry if you don't have your 2FA.
I think with 2FA, it's not LP's fault at all, 2FA is 2FA after all, and you can print backup codes, which I have. Doesn't help if you find yourself fully robbed or lost items, but that's not LP's fault, but clarity on gaining entry to your account is important.
As for the email thing, it's difficult. As per Glenn's answer earlier, it's a trade-off of convenience and security. I like the "trust device" option. So even if I could turn it off... I would not. And LP not having a "back door" to email them, well, it is super secure.
Which means it's down to me to secure.
I don't, however, think this is discussed much or even said to the user. You either wake up one day and think about it, or you wake up one day and are in it. Either way, I'm happy I have now and will tell my clients too. Having a password I can remember, I will now need to turn on 2FA for my email, although it should be on anyway.
But I feel I've had full answers now, apart from 2FA on LP... but TBH I daren't turn it on!
Agreed. It would have been nice to have known prior to my event that I needed to remember my email password. Although it does go against the "Last Password You'll Ever Need", it would save some folks a bit of trouble knowing this up front.
If you turn on 2FA for your email, aren't you putting yourself back in the same situation if you lose all of your devices? That is, let's suppose you lose everything and find a computer to start logging in. You can't access your email without 2FA, which means you need access to something you don't have. Yes?
Hi Sir, @GlennD
I've been using LastPass (premium) for several years. I live in Vietnam. Just today, I lost my phone, which had the LastPass Authenticator. As such, I am not able to log in. I've tried to log in by SMS passcode but did not receive the passcode at all. I have emailed support several times but have not received any response. Could you please support me?