Note from Your Friendly LSP: LastPass

If you use the LastPass password manager offered by UVA, you may be aware that LastPass reported a data breach right before our holiday break. While we await official recommendations, the UVA Finance LSP team suggests enabling Multifactor Authentication (MFA) if you have an account with LastPass. This is not on by default. You do not need to do anything if you have already enabled MFA. If you'd like to enable MFA, we've included the instructions after the jump to help you.

The LastPass Authenticator operates similarly to the DUO app. Once enabled, you can use Push notifications, time-based codes from the app, or SMS (text) codes.

1. You will need to visit the App Store on your iOS or Android device and install the LastPass Authenticator app.
      -Once the app is installed on your mobile device, you will perform most of the steps below from your UVA laptop.

2. Open your Last Pass Vault from your browser extension (or open your desktop client should you have it)

3. At the bottom of the sidebar on the left, choose Account Settings

4. Choose the 3rd tab at the top, Multifactor Options. Select the pencil icon on the far right to enable the first option, LastPass MFA

5. Choose Yes to enable. If you allow offline access, you may be prompted to install the LastPass Manager App (2nd pic). You do not need to allow offline access for the Authenticator to work.

6. You will be prompted to enter your Master Password

7. Select Enroll your device, and then choose Set Up Mobile App:
  • You will be prompted to scan a QR code to sync your device. You will have to allow LastPass access to your camera to scan the code.

  • We also recommend setting up a backup using text messages.

  • Select Activate after you have set up the Mobile App and the backup text messages.

If you need assistance with this process after attempting the steps above, you can email [email protected] to create a Service Desk ticket. We will reach out to you as soon as possible to help.