The Security report provides a summary of various critical user statuses, around which additional education or training may be warranted (e.g., reused master passwords, weak security score, more than 3 duplicate passwords, etc.). The goal of this view-only report is to help optimize the use of LastPass among your end users to help improve the security of your company’s digital assets.
- Log in with your email address and master password to access the new Admin Console at https://admin.lastpass.com.
- If prompted, complete steps for multifactor authentication (if it is enabled for your account).
- Go to .
- Optional: To view the latest information, select Request update.
Result: The page refreshes and displays the latest data for your Security report.
- View the risk name, number of impacted users, and percentage (%) of impacted users (i.e., calculated against your total number of users). The following risks are displayed:
| Risk name |
Description |
| User iteration counts |
The iteration count of each user account within the company |
| Shared folders accessed by low iteration count users |
A list of all shared folders that were accessed by any user with a low iteration count within the company |
| Enabled multifactor |
The MFA option that is provisioned to all users within the company (i.e., not only the default MFA option, but all enabled MFA options for all users) |
| Linked account iteration count |
The iteration count of each linked personal account and Families as a Benefit account within the company |
| URLs in vaults |
All the URLs that the company's users have added to their vaults – this does not include the site URLs for linked personal accounts and/or Families as a Benefit accounts. Select Generate report, which will send an email notification to your account email address when the report is ready. |
| URLs in shared folders |
All the URLs that the company's users have saved in their shared folders – this does not include the site URLs in shared folders for linked personal accounts and/or Families as a Benefit accounts. Select Generate report, which will send an email notification to your account email address when the report is ready. |
| Reused master password |
Users who used their master password on another site in the last X days but have since failed to change their master password |
| Weak security score |
Users who have a security score of less than 33 percent (< 33%) – learn more about security score calculation |
| No sharing key |
Users who don't have a sharing key. Users must log in once using the LastPass browser extension to generate a sharing key before they can receive shared items |
| Inactive during last 7 days |
Users who haven't logged in for the last 7 days |
| No linked account |
Users who haven't linked a LastPass personal account to LastPass Business |
| More than 5 weak passwords |
Users with more than 5 weak passwords – learn more about password strength |
| More than 3 duplicate passwords |
Users with more than 3 duplicate passwords |
| More than 3 duplicate password sites |
Users with duplicate passwords on more than 3 sites |
| More than 3 blank passwords |
Users with a blank password for more than 3 sites |
- Optional: If desired, you can download a report (CSV file) for any of the following reports (by selecting your desired risk name, then selecting
within the pane in the right navigation):
- User iteration counts
- Shared folders accessed by low iteration count users
- Enabled multifactor
- Linked account iteration count
- Weak security score
Results: You have viewed your desired Security report information.
