product icon

How do I sign in to my Windows account using LastPass MFA for Microsoft AD FS?

    As a user, once the LastPass MFA service for Microsoft AD FS has been set up, you can sign in to your relying party applications by entering your AD credentials then authenticating on your mobile device.

    Note: This feature requires an account with the LastPass Business + Advanced MFA add-on. How do I upgrade my LastPass Business account with an add-on?
    Note: Authentication methods will vary, depending on how your account is set up and/or policies that are enforced.
    1. In your browser, enter your Active Directory credential, then proceed to sign in.

      Result: You are prompted to authenticate.

    2. By default, a push notification is sent via the LastPass Authenticator app app. Tap Accept when prompted.
      Passwordless Prompt in LastPass Authenticator

      Troubleshooting: If desired, click the Having trouble? drop-down menu on the Multifactor authentication screen and choose from either of the following authentication methods:

      • Select Enter passcode, then enter the time-based, one-time passcode (TOTP) from the LastPass Authenticator app .
      • Select Call me, then click Call me and answer the phone call made by the LastPass automated system. Press the # key to verify your authentication.
      Note: The last authentication method that was used will be served by default the next time you log in to your Windows account.

    Results: You are now signed in to your Windows account.