product icon
Integrate SecureAuth with my LastPass Business account

Integrate SecureAuth with my LastPass Business account

    Required for setup

    • SecureAuth account
    • LastPass Business account

    Step #1: Get the SecureAuth authentication API application credentials

    1. Follow the instructions in the SecureAuth Authentication API Configuration Guide, in the Authentication API section.
    2. Copy the following values and save them to a text editor:
      • Application ID
      • Application Key
      • Realm

    Step #2: Set up the SecureAuth integration in LastPass Business

    1. Log in and access the Admin Console at https://lastpass.com/company/#!/dashboard.
    2. Go to Advanced > Enterprise Options > Multifactor options > SecureAuth.
      Configure SecureAuth Authentication
    3. Enter the Application ID, Application Key, and Realm that you copied from Step #1.
    4. Select Update when finished.

    Step #3: Enable SecureAuth as a multifactor option

    1. From within the Admin Console, go to Advanced > Enterprise Options > Multifactor options.
    2. Under Enabled Multifactor Options, toggle on the switch for the SecureAuth option.

    Step #4: Add and configure a Multifactor Authentication policy

    1. In the new Admin Console, go to Policies > General policies.
    2. Under the Password multifactor policy category, select Require use of any MFA option
    3. Select your desired user list for which this policy should be applied. 
    4. Optional: In the Settings field, enter notes for additional information about this policy.
    5. Select Enabled in the Status field.
    6. Select Save changes when finished.

    Step #5: Advise your users to set up Multifactor Authentication

    Once you have completed the steps above, your users can set up and enable Multifactor Authentication for their LastPass Business account.

    About the removal of users enabled with SecureAuth

    The SecureAuth integration is associated with your LastPass Business account. If you remove users from your company account without first disabling SecureAuth as their multifactor authentication option, then – once removed – those users may become locked out of their LastPass account (if their account is converted to a LastPass Free account). For this reason, we recommend disabling SecureAuth for users you plan to remove.

    About this task: To disable SecureAuth for certain users, perform the following steps.
    1. Go to https://lastpass.com/company/#!/dashboard and log in to access the Admin Console.
    2. Select Users in the left navigation.
    3. Check the boxes next to your desired users.
      Tip: To sort by users enabled with SecureAuth, click the Multifactor column header row in the users table.
    4. Select More actions > Disable multifactor for selected users.
    5. Click OK to confirm.
    Results: You have disabled SecureAuth for your selected users, and you can now safely remove those users from your company account without risk of locking them out (if their accounts convert to LastPass Free accounts).