product icon

Step #4: Policies & Reports

    Review the various policies available for configuration, and oversee security performance using admin reporting.


    • LastPass Business accounts offer a number of configurable and recommended policies around security levels and password strength that you can add, edit, or delete as a LastPass admin.
    • Each policy can be applied to all users, or an inclusive or exclusive list of users. With over 100 policies available for you to add and configure, you can achieve the most optimal security performance with LastPass.
    • Add your desired policies and assign at least one test user to each.



    Determine which policies are right for your organization, then view the detailed configurations for each by viewing a list of available policies (please note that you must be actively logged in to a LastPass Business in order to view).

    You can also review a full list of all available policies on the LastPass Policy page at
    Note: You must be actively logged in with a LastPass Business account in order to view the full list of policies available.

    Testing by the Project Team

    1. Add an advanced multifactor authentication policy for using biometrics (i.e., "Require extra authentication for LastPass Authenticator app") in the Admin Console and assign to at least one user for testing.
    2. Add MFA Apps in the Admin Console to protect specific endpoints (SSO apps, workstations, VPNs, Identity Provider logins) with a second layer of security using the LastPass Authenticator app for your desired endpoints (if applicable).
    3. Add contextual multifactor authentication policies and assign to at least one user for testing in the Admin Console, including configuration for any of the following:


    You can review all report types available, including the following: