Reset your master password using mobile account recovery on Android for LastPass
Once account recovery has been set up on your mobile device, you can reset your master password using your unique fingerprint to restore access to your vault.
- Open the LastPass app, then select Trouble logging in? on the login screen.
- Tap Forgot Master Password.
- Tap Recover Account.
- Tap Recover with Fingerprint.
- Touch the fingerprint sensor on your device (don't press) to scan your fingerprint.
- If prompted, complete steps for multifactor authentication (if it is enabled on your account) and select Next.
- Enter a new master password, then confirm it. If desired, set a password hint (recommended).
Tip: We recommend using the following best practices when creating your master password:
- Use a minimum of 12 characters, but the lengthier the better
- Use upper case, lower case, numeric, and special character values
- Make it memorable, but not easily guessed (e.g., a passphrase)
- Make sure that it is unique only to you
- Don't use personal information
- Don't use sequential characters (for example, "1234") or repeated characters (for example, "aaaa")
- Make sure you don't use your master password for any other account or application
- Select Set Master Password.
- Select Go to Login.
- Enter your username and newly created master password, then select Log In to access your vault.
Results: You have now reset your master password using biometrics in the LastPass app for Android.
What to do next: Create new Recovery One Time Passwords on trusted devices (strongly recommended)
Create new Recovery One Time Passwords for account recovery (in case your master password is ever forgotten) by doing the following:
- Log out of LastPass on every trusted computer and/or mobile device where you have installed LastPass and accessed your LastPass vault. You can check your active sessions for all devices.
- Log back in with your new master password.
What to do next: If you are using a public/untrusted computer (recommended)
Clear the browser cache on all web browsers where you accessed LastPass in order to clear the Recovery One Time Password that was created from accessing the LastPass website.
What to do next: If you use temporary, one-time passwords (optional)
Generate new temporary, one-time passwords because all OTPs you generated previously are now invalidated and no longer listed due to your vault being re-encrypted from your master password change.