HELP FILE

I am a Super Admin, why can't I reset a user's master password in LastPass?

    The "Permit super admins to reset master passwords" policy is not applied retroactively – this means that in order to reset a user's master password, the user must log out of the LastPass browser extension then log back in to activate the policy and allow the super admin to reset their master password.

    Condition

    In your LastPass Teams or LastPass Business account, you have been added to the "Permit super admins to reset master passwords" policy but when you select a user, you are not seeing the "Super admin master password reset" option in their User Settings.

    Note: This also applies if you cannot perform the Transfer Vault action for a user.

    Cause:

    In order to activate your ability to reset the specific user's master password, the user (whose master password you are trying to reset) must log out of their session then log back in (using the LastPass browser extension only).

    Remedy:

    The user can log out of their active session, or the LastPass admin can force them to log out of all active sessions. Once logged out, the user must log back in to the LastPass browser extension.

    1. The user account is logged out of LastPass in either of the following ways:
      • The user logs out of the LastPass browser extension by clicking the LastPass browser extension icon LastPass in their toolbar, then selecting Log Out.
      • The LastPass admin logs the user out of all active sessions from within the Admin Console by selecting the user and clicking More Actions > Destroy all sessions for selected users > OK.
    2. The user logs in to the LastPass browser extension.

      Result: You are now activated to reset the user's master password.