How do I create a time-based one-time passcode (TOTP) for site entries as a LastPass business account user?
If you have a LastPass Teams or LastPass Business account, you can create a time-based one-time passcode (TOTP) from your vault and use it for authentication when logging in to a third-party app or website.
Terminology
- Time-based one-time passcode/TOTP/Two-Factor Code
- These terms all refer to the same value – a code that is generated for you and created as a means of verification or authentication.
- Two-Factor Authentication/Two-Step Verification
- A security feature that asks you for more than just your username and password when you log into a website. It requires something you know (your password) and something you have (your phone).
About TOTP codes for LastPass
- At this time, TOTP codes generated from your vault can only be used when accessing LastPass from a desktop web browser (i.e., not supported when using the LastPass mobile apps)
- TOTP codes generated from your vault can only be used for the specific third-party site paired with your site password entry in your vault (via the secret key)
- TOTP codes will be generated automatically in the site's one-time passcode (TOTP) field if the site is stored in your vault and has a secret key associated with it
- TOTP codes generated from the LastPass Authenticator mobile app are completely different from TOTP codes generated from your LastPass vault, and cannot be used interchangeably for authentication
- LastPass generates 6-digit one-time passcodes using the SHA-1 algorithm, and these codes are regenerated every 30 seconds
- TOTP codes are only supported for site entries in your vault (i.e., not supported for secure notes or items)
- If your computer's clock is not synced with universal Internet time, it could cause the TOTP code to be invalid and you may encounter an error when entering it
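The parameters listed above (6 digits, SHA-1, 30-second period) are those of the standard TOTP algorithm in RFC 6238. The Python below is an added example, not LastPass code: it assumes vault codes follow RFC 6238, uses the RFC's published test key as a constructed sample secret, and its `accepted` function with the `window` parameter is a hypothetical site-side check that shows why a clock that is out of sync produces an invalid code.

```python
import base64
import hashlib
import hmac
import struct
import time

DIGITS = 6    # code length stated on this page
PERIOD = 30   # seconds per code, stated on this page

def decode_secret(secret_b32: str) -> bytes:
    """Decode a Base32 secret key as sites usually show it (spaces, lower case, no padding)."""
    cleaned = secret_b32.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)          # restore stripped padding
    return base64.b32decode(cleaned)

def totp(key: bytes, unix_time: float) -> str:
    """RFC 6238 code: HMAC-SHA-1 over the 30-second step counter, dynamically truncated."""
    counter = int(unix_time) // PERIOD
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # low nibble of last byte picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10 ** DIGITS:0{DIGITS}d}"

def seconds_remaining(unix_time: float) -> int:
    """Seconds until the current code is replaced by the next one."""
    return PERIOD - int(unix_time) % PERIOD

def accepted(key: bytes, submitted: str, server_time: float, window: int = 1) -> bool:
    """Hypothetical site-side check: accept codes from +/- `window` time steps.

    The tolerance is an assumption; each site chooses its own.
    """
    return any(
        hmac.compare_digest(totp(key, server_time + step * PERIOD), submitted)
        for step in range(-window, window + 1)
    )

# Constructed sample: Base32 form of the RFC 6238 test key "12345678901234567890".
SAMPLE_SECRET = "gezd gnbv gy3t qojq gezd gnbv gy3t qojq"

if __name__ == "__main__":
    key = decode_secret(SAMPLE_SECRET)
    now = time.time()
    print("current code:", totp(key, now), f"(valid {seconds_remaining(now)}s more)")
    # A clock only 2 seconds fast can already be in the next time step:
    server, client = 1111111109, 1111111111
    print("server expects", totp(key, server), "client shows", totp(key, client))
    print("strict check:", accepted(key, totp(key, client), server, window=0))
    print("one-step tolerance:", accepted(key, totp(key, client), server, window=1))
```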
About policy restrictions
The ability to perform these actions may be prohibited if the "Don't show TOTP in vault" policy is enabled by your LastPass admin for your LastPass Business account.
Create a TOTP code in your vault
Generate a secret key from your third-party site.
Enter the secret key into LastPass.
Use a TOTP code from your vault
Once you have paired your site with LastPass via the secret key, you can copy a TOTP code from your vault and use it to log in to your site when you're prompted for Two-Factor Authentication.