product icon

How do I manage the dark web monitoring policy for LastPass Business users?

    LastPass admins of LastPass Business accounts can manage the "Control dark web monitoring" policy and its settings.

    About this policy

    Control dark web monitoring policy
    Control how your organization uses LastPass dark web monitoring. If enabled, LastPass performs a background security scan against a database of known third-party security breaches for each monitored username.
    If the username associated with a login is potentially at risk, an email is sent to the user identifying the compromised website and recommending preventative measures.

    How to enable & configure

      Enable the "Control dark web monitoring" policy.

      1. Log in with your email address and master password to access the new Admin Console at
      2. If prompted, complete steps for multifactor authentication (if it is enabled for your account).
      3. Go to Policies > General Policies.
      4. Select New Policy.
      5. Search for and select the Control dark web monitoring policy.
      6. Select Continue.

      Configure the policy settings.

      1. Select Edit policy settings.
      2. In the Value field, enter one of the following number values based on your desired selection:
        • 1 – Available, user controlled. Allow users to stop monitoring any or all addresses.
        • 2 – Available, admin controlled. Don't allow users to stop monitoring in any way.
        • 3 – Restricted, admin controlled. Turn off dark web monitoring for all users, even if they had previously activated it before this policy was implemented. Don't allow monitoring in any way.
      3. Optional: If desired, add Notes about this policy.
      4. Select Save changes.

      Add users to the policy.

      1. Select Edit policy users.
      2. Assign users and groups by choosing one of the following options:
        Applies to Instructions
        All users
        1. Select All users > Save changes.
        Only these users/groups
        1. Select Only these users/groups > Assign users & groups.
        2. Use the search field and select the users and/or groups that you want to include for this policy.
        3. Select Assign Users > Save & finish.
        All except these users/groups
        1. Select All except these users/groups > Assign users & groups.
        2. Use the search field and select the users and/or groups to exclude from this policy.
        3. Select Assign Users > Save & finish.
      3. Select Save changes.

      Set the policy status.

      1. For Status, choose from the following options:
        • Select Enabled to enforce the policy immediately and apply to all selected users.
        • Select Disabled to add the policy but not yet enforce it upon your selected users; can be enabled later.
      2. Select Save changes.
    Results: You have configured the " Control dark web monitoring" policy for your selected end users.