product icon


    You can set up geofencing policies to define which locations and regions that users are allowed or prohibited from using the LastPass Authenticator app for authentication.

    1. Log in and access the Admin Console at!/dashboard.
    2. Select MFA or SSO & MFA in the left navigation.
    3. To create a geofencing policy, go to Policy > Geofencing in the left navigation.
      Note: Please be aware that there is an authentication policy that can be enforced to disable users' ability to log in and access their LastPass vault and/or SSO apps in Offline Mode when a geofencing policy is in place (because their location cannot be determined when offline). Learn more about authentication policies.
    4. To create a safe Green Zone geofencing policy, do the following:
      1. Click + Create Green Zone.
      2. Add a new Green Zone by entering an address in the search box.
      3. Name the policy by entering a name in the Tag Name box.
      4. Click Save.
    5. Optional: Adjust the area of the Green Zone by dragging the handle of the circle on the map.
    6. Optional: Set a geofencing policy based on region.
      1. Click Region.
      2. Select the target safe country, state, or city.
      3. Click Save.
    7. Once you have created a Green Zone policy and save, another window displays. Click Setup Policy here to activate and manage the policy settings.
    8. Click + New Policy to continue setting up the policy.
    9. Add the Policy Name and select the saved geofencing policy that you just created.
      If needed, assign IP addresses.
    10. Select General Access Policy as the Policy Level option to assign the policy to all applications, or select a specific application from the drop-down menu.
    11. Optional: Add a Policy Time Range to limit access to a specific time range.
    12. The policy can be Permanent Policy or Temporary Policy. If you choose a Temporary Policy, select a date for the policy.
    13. Click Save.
    14. Click User or Group tab and assign users to the policy by selecting them and clicking Save.
    15. To create an unsafe Red Zone geofencing policy:
      1. Click Policy > Geofencing.
      2. Click + Create Red Zone.
      3. Add an address in the search box or click Region and select a country, state, or city
      4. Add a policy name in the Tag Name box.
      5. Click Save.
        Note: Red Zones and regions automatically apply to all users and applications and block all users' access from denylisted locations.
    16. To edit Geofencing Policies.
      1. Select a geofence policy from the list.
      2. Edit the policy.
      3. To delete the policy, click Delete.
        Note: You can't delete an Active policy which has been assigned to users. A geofence policy is inactive unless assigned to users and applications.
      4. To activate an inactive geofencing policy or manage access to a policy, click Access and select a policy.
      To learn more about assigning and managing access policies, see Access Policy Management.