cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Active Contributor

Master password not forgetting it

Hello,

 Well, I have been using LastPass for about 3 weeks  now & so far so good. The only issue I had was a corrupt extension & the support team emailed me within 24 hours & it's all good now. I really struggled to come up with a master password, but so far I seem to remember. It, I just do not want to forget it. 

 

Before I started using LastPass, I used Bitwarden & still have both running. What I did was make a safe note in Bitwarden and put my  LastPass master password in there as a safe note. I know I still have to remember that master password BUT I have used Bitwarden so long that I doubt I would forget that master password.  I wonder if that is a "dumb" thing to do?  

I was going to delete Bitwarden, but I think I will keep it BUT use LastPass as my go-to password manager. I just do not want to forget my master password.

 

FYI  >>    I did not enable biometric recovery. I am a bit Leary of biometrics I have read that using biometrics is not as secure as a pin or password. I may consider using it in the future as I do more reading on that subject. I DO use 2FA with last pass authenticator  I also have  an  HP Chromebook & android device running android 10  using LastPass on my android as well.

9 REPLIES 9
Highlighted
LogMeIn Manager

Re: Master password not forgetting it

Hi @mdc1022 

 

There are a couple of other recovery options that you can set up now that do not require biometrics, please review: How do Iset up all account recovery options for LastPass? 

 

Many LastPass customer end up relying on Recovery One Time Passwords to recover their account, this depends on a token that is generated when you sign into the browser extension and stored in the browser cache: How do I create a Recovery One Time Password to use during LastPass account recovery? 

 

 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Highlighted
Active Contributor

Re: Master password not forgetting it

GlennD,

Thank You for the reply I created OTP with the advice you gave me. I assume IF I forget my master password and am home using my Chromebook and use my OTP that I could change my password once I get in?  Just want to verify that and of course save the OTP. Also, do they expire or should I get new ones say every year?

Highlighted
LogMeIn Manager

Re: Master password not forgetting it

@mdc1022  Regular OTPs will not allow you to change your Master Password or export your data, they only grant you access to the vault.  A Recovery One Time password will allow you to login if you forget your Master Password and you will be prompted to create a new Master Password when you sign-in. This support article provides more details:  What is the difference between a One Time Password and a Recovery One Time Password?

 

Tip: Most people have more than one web browser installed on their computer, install the LastPass extension on all browsers and sign-in to your LastPass account through them. This will create Recovery One Time Passwords in each of them so you have back ups in case your main web browser cache is wiped.

 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Highlighted
Active Contributor

Re: Master password not forgetting it

I have a Chromebook, so I am locked to the Chrome browser. And when I log off  my browser clears the cache cookies & history.  I do have my cell phone added as a sms recovery option.So, I would think IF I ever forget my master  I will get a code to get back in.

 

Highlighted
Active Contributor

Being able to recover password using the OTP recovery

I have a chrome book & had it set to automatically clear cookies and site data when I quit Chrome.(shut off my Chromebook) I unchecked it now so that my cookies and site data when I quit Chrome will NOT clear. Is this necessary to do so that in the event I forget my master password that I will be able to use the one time recovery to gain access?   I read this on LastPass info on OTP and I think I MUST NOT clear site data when I quit Chrome.>>>  

  • On any web browser where you have cleared your browser cache–clearing your browser cache invalidates your ROTP, but logging in to the extension recreates it  << so, that means >>> my cookies and site data when I quit Chrome will NOT clear and therefore  will  keep my  ROTP validated?

 

Would I be able to automatically clear cookies and site data when I quit Chrome and still be able to get The Recovery OneTime Password? I disabled that feature until I get clarification.

 

I did not enable biometric recovery. I am a bit Leary of biometrics I have read that using biometrics is not as secure as a pin or password. I may consider using it in the future as I do more reading on that subject. I DO use 2FA with last pass authenticator.

 

So for me I would need to be sure The Recovery One Time Password will work for me using my Chromebook & android device (not using biometrics) 

 

If anyone wants to give their opinion on biometric as a log in on my mobile device I'm all ears.

 

I also have my mobile number set up for sms codes as a recovery option. 

 

I know the steps below would be the EASIEST WAY to recover a forgotten master password BUT fingerprint log in I think is easier to hack than a pin. Your thoughts?? 

 

  1. Open the LastPass Password Manager app, then select Trouble logging in? on the login screen.
  2. Tap Forgot Master Password.
  3. Tap Recover Account.
  4. Tap Recover with Fingerprint.
  5. Touch the fingerprint sensor on your device (don't press) to scan your fingerprint.
  6. If prompted, complete steps for Multifactor Authentication (if it is enabled on your account) and select Next.
  7. Enter a new Master Password, then confirm it. If desired, set a password hint (recommended).
  8. Select Set Master Password, then select Go to Login.

 

Highlighted
LogMeIn Manager

Re: Being able to recover password using the OTP recovery

Hi  

 

Recovery One Time Passwords are created when you sign into the LastPass browser extension, it is a token stored in the browser so if you clear the cache it will be deleted along with everything else. LastPass users should consider this recovery method the last option, after all of the others.

 

For your specific situation I would recommend generating a list of regular One Time Passwords and storing them some place safe. While they cannot be used to reset the Master Password they can be used to sign in so you can copy your data out of you LastPass account if you were ever unable to recover the account for some reason.

 

You may be able to lock your device with a PIN, but then use bio-metrics with the LastPass App. At the end of the day it is a balance of security and convenience that you have to choose. 

 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Highlighted
Active Contributor

Re: Being able to recover password using the OTP recovery

For your specific situation I would recommend generating a list of regular One Time Passwords and storing them some place safe. While they cannot be used to reset the Master Password they can be used to sign in so you can copy your data out of you LastPass account if you were ever unable to recover the account for some reason.>>>>>>>>>>>>>>>>Great  idea thank you!! I did that today....

 

 

You may be able to lock your device with a PIN, but then use bio-metrics with the LastPass App. At the end of the day it is a balance of security and convenience that you have to choose. <<<< I tried that and when I use the fingerprint with the lock app, it >>relocks<< after it opens & then LastPass  won't autofill. I think it is because the lock app with fingerprint is set that way but it confuses LastPass so that is why I don't use it BUT   getting recovery codes & then exporting my file &  importing it to a new LastPass account would work as a last resort. 

 

 

 

 

 

LogMeIn Manager

Re: Being able to recover password using the OTP recovery

Since both of your posts are around the same general topic I have merged them.

 

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Highlighted
Active Contributor

Re: Being able to recover password using the OTP recovery

<<<<<<<<<<<<UPDATE>>>>>>>>>>>>>>>>

 

I was able to set up BOTH pin unlock  via my app lock app & biometrics on LastPass and it works!! NO relocking of lastPass  when using it. I had to change a few settings in the app lock app, but now it works. 

 

So now when I use LastPass on my android device. I get the prompt from my app lock for a pin-number, then once I get past that, I then need my fingerprint to access LastPass.  my "forgot password" worry is over because using biometrics to unlock LastPass I can then reset it via my mobile device. And  anyone that gets my phone has to get past the pin & then fingerprint. 😃

 

I appreciate everyone commenting here to help  Thank You!!