HELP FILE

How do I enable YubiKey in LastPass?

How do I enable YubiKey in LastPass?

    You can set up and configure your LastPass account to use YubiKey for authentication.

    Setup video for iOS (also supported on Android): Watch Video
    1. Plug your YubiKey device into the USB port of your computer.
    2. Log in to LastPass and access your vault by doing either of the following:
      • In your web browser toolbar, click the LastPass icon active LastPass icon and select Open My Vault.
      • Go to https://lastpass.com/?ac=1 and log in with your email address and master password.
    3. Select Account Settings in the left navigation.
    4. Select the Multifactor Options tab.
    5. Click the Edit icon Edit option for Yubico.
    6. Click within the YubiKey #1 field.
    7. Lightly press your YubiKey device button (that has the Wi-Fi icon or "Y" in the center) to automatically fill in the YubiKey #1 field.
    8. Once filled, you can specify your YubiKey preferences as follows:

      • For the Enabled option, use the drop-down menu to select Yes. Once enabled, you will be prompted to enter the YubiKey data the next time you log in to LastPass from your mobile device or desktop.
      • For the Permit access from incompatible mobile devices option, this controls whether mobile devices lacking an NFC reader will be allowed to bypass YubiKey. This setting only apply to LastPass accounts who utilize either iPhone 6S or older (running iOS 10 or earlier) or select Android devices that lack an NFC reader. Choose one of the following:
        • Select Allow if you want to use older mobile devices to access the LastPass mobile app, which will require you to enable at least one (1) additional authentication option to protect your LastPass vault so that when you access LastPass from a mobile device lacking an NFC reader, you can still authenticate by using your other enabled authentication option when prompted (and won't be locked out due to multifactor authentication).
          Fastpath:  Selecting this option will require you to cancel the setup for YubiKey, enable another authentication option for LastPass, then return to the setup process for YubiKey.
        • Select Disallow if you want to prohibit access from older mobile devices to the LastPass mobile app (due to being unable to authenticate with YubiKey).

    9. For the Permit Offline Access drop-down menu, choose one of the following:
      • Select Allow if you want to allow access to LastPass even when you are offline. This will store an encrypted vault locally so you can log in without using multifactor authentication in case of a connectivity issue.
      • Select Disallow to prevent offline access, which requires the use of multifactor authentication and to be connected to the Internet when using LastPass.
        Important: If this option is selected and you are not connected to the Internet and/or https://lastpass.com is not available, you will be unable to access your vault. Learn more about offline access.
    10. Click Update when finished.

      Tip: To disassociate a YubiKey device with your LastPass account, clear the entire YubiKey input field of all characters and click Update.

    Results: You have enabled YubiKey for multifactor authentication to protect your LastPass vault.