Restrict access to my configuration file for the LastPass Universal Proxy 4.x on Windows

Before you begin: You must complete the steps for downloading and installing LastPass Universal Proxy, then configuring it using either the command line interface (CLI) or the server.properties configuration file.

About this task:

Note: This feature requires an account with the LastPass Business + Advanced MFA add-on. How do I upgrade my LastPass Business account with an add-on?

After you have installed and configured the LastPass Universal Proxy, we highly recommend that you restrict access to the configuration file that gets created.

The LastPass Universal Proxy configuration creates a plain text configuration file server.properties, at the default path of C:\Program Files\LastPass\Universal Proxy\conf\server.properties (or the path you selected during installation, if different). This file contains sensitive security information to establish a connection between the proxy server and the LastPass cloud-based MFA authentication server, including a LastPass API key and optionally a RADIUS shared secret.

To restrict the access to this configuration file do the following steps:

In Windows Explorer, navigate to the server.properties file.
Right-click on the server.properties file and select Properties.
Result: The server.properties Properties window appears.
Click the Security tab.
Click Edit, to change permissions.
Result: The Permissions for server.properties window appears.
In the Permissions for server.properties window set the following:
1. Under Group or user names:, select or add a group or user.
2. In the Permissions for <user group> group box, check the checkboxes in the Allow and Deny columns, to allow or deny the available permissions for your selected user or group.
3. Click Apply.
4. Click OK.
In the server.properties Properties window, click OK.