HELP FILE

How do I integrate SecureAuth with my LastPass Business account?

    Required for setup

    • SecureAuth account
    • LastPass Business account

    Step #1: Get the SecureAuth authentication API application credentials

    1. Follow the instructions in the SecureAuth Authentication API Configuration Guide, in the Authentication API section.
    2. Copy the following values and save them to a text editor:

      • Application ID
      • Application Key
      • Realm

    Step #2: Set up the SecureAuth integration in LastPass Business

    1. Log in and access the Admin Console at https://lastpass.com/company/#!/dashboard.
    2. Go to Advanced Options > Business Options > Multifactor options > SecureAuth.
    3. Enter the Application ID, Application Key, and Realm that you copied from Step #1.
    4. Click Update when finished.

    Step #3: Enable SecureAuth as a multifactor option

    1. From within the Admin Console, go to Advanced Options > Business Options > Multifactor options.
    2. Under Enabled Multifactor Options, toggle on the switch for the SecureAuth option.

    Step #4: Add and configure a Multifactor Authentication policy

    1. From within the Admin Console, go to Settings > Policies in the left navigation.
    2. Under Multifactor, select Require use of any MFA option
    3. Select your desired user list for which this policy should be applied. 
    4. Enter notes for additional information about this policy (optional).
    5. Click Save changes when finished.

    Step #5: Advise your users to set up Multifactor Authentication

    Once you have completed the steps above, your users can set up and enable Multifactor Authentication for their LastPass Business account.

    About the removal of users enabled with SecureAuth

    The SecureAuth integration is associated with your LastPass Business account. If you remove users from your company account without first disabling SecureAuth as their multifactor authentication option, then – once removed – those users may become locked out of their LastPass account (if their account is converted to a LastPass Free account). For this reason, we recommend disabling SecureAuth for users you plan to remove.

    About this task: To disable SecureAuth for certain users, perform the following steps.
    1. Go to https://lastpass.com/company/#!/dashboard and log in to access the Admin Console.
    2. Select Users in the left navigation.
    3. Check the boxes next to your desired users.

      Tip: To sort by users enabled with SecureAuth, click the Multifactor column header row in the users table.

    4. Select More actions > Disable multifactor for selected users.
    5. Click OK to confirm.
    Results: You have disabled SecureAuth for your selected users, and you can now safely remove those users from your company account without risk of locking them out (if their accounts convert to LastPass Free accounts).