Using Token2 hardware tokens for LastPass user account
LastPass is a secure password manager that stores all of your usernames and passwords in one safe place, called a vault.
Your vault is your central hub of all stored data. After you save a password to your Vault, LastPass always remembers it for you. When you need to log in to a website, LastPass enters your username and password for you.
Multi-factor authentication(MFA) and two-factor authentication(2FA) add an extra layer of security to your users' accounts, drastically reducing the chances of sensitive information being hacked by cybercriminals.
LastPass let you use Token2 programmable tokens for two-step verification.
In this article, we will show the procedures required to enrol and use Token2 programmable TOTP tokens for two-factor authentication for LastPass user accounts (as replacement for the Authenticator App).
• A LastPass account with admin rights
• A Token2 programmable token
• An iPhone or Android device with NFC* - this is needed for the enrollment only, subsequent logins will only require the hardware token
[* Android and Windows versions are available for all models, but this guide will use the iPhone app as an example. iPhone apps are compatible with "-i" models only]
Step 1. Enable an MFA method
1) Log in to LastPass account, select Account Settings in the right navigation.
2) Navigate the Multifactor Options tab.
3) Click the Edit icon to the right of your "Google Authenticator" multifactor option. "Microsoft Authenticator" multifactor option can be used as well(these 2 options can not coexist together).
4) For the Enabled drop-down menu, select Yes.
5) For the Permit Offline Access drop-down menu, choose one of the following:
-Select Allow if you want to allow access to LastPass even when you are offline. This will store an encrypted vault locally so you can log in without using multifactor authentication in case of a connectivity issue.
-Select Disallow to prevent offline access, which requires the use of multifactor authentication and being connected to the Internet when using LastPass.
6) Click the View your barcode link , type your LastPass master password and click continue. A QR code will be displayed on the screen that you will scan using one of the provisioning tools in the next step.
Launch the NFC burner app on your Android device and hit the "QR" button
Point the camera to the QR code shown on the account page. Upon a successful QR scan, the camera window should disappear
Turn on the token and touch it with your phone (make sure it is overlapped by the NFC antenna) and click "Connect" on the app
Upon successful connection, click the "Burn seed" button. If NFC link is established and the code is correctly scanned, you should see a status window showing "Burning..." and eventually (in a second or two), "burn seed successful.." message in the log window
Follow the steps below to perform setting the seed for your token using Windows App.
1. Launch the exe file, then select the NFC device from the drop-down list and click on "Connect". You should see a message box notifying about a successful operation.
2. Enter the seed generated (in base32 format) :
3. Place the token onto the NFC module and wait for its serial number to appear.
4. Click on "Burn seed" button. A log entry with the serial number and "Successful operation" text will be logged in the log window.
Launch the NFC burner app on your iPhone device and hit the "scan QR" button
Point the camera to the QR code shown on the account page. Upon a successful QR scan, the camera window should disappear and the seed field will be populated with the hex value of the seed
Touch the Burn button, then turn on the token and touch the top of your iPhone with the token
Check the results of the process in the Results log field
Please note that the procedures above are shown only as examples and are valid to single profile TOTP tokens only. The procedure for multi-profile and USB-programmable devices are similar but slightly different
Step 3. Verify the OTP
After the token provisioning is done, turn the token off and back on. Close the window with the QR code and click Update.
You will be prompted to enter the verification code:
Enter the OTP generated by the hardware token and then click OK. Now, your LastPass account is protected with 2FA.
We detected that you are visiting this website from an EU country. We recommend to continue with our EU website.
Choose the location
We detected that you are visiting this website from United Kingdom. We recommend to continue with our GBP website. Please note that only pricing is changing, shipping is still from Switzerland
COVID19 Situation in Switzerland and France
Due to current preventive measures being taken against the COVID19 outbreak in Switzerland and France (such as border closures and potential lockdown of Geneva airport) we are expecting delays in shipping and delivery with both express delivery (Fedex/UPS) as well as the regular post In particular, as the office in France is currently not functioning, all orders placed on the EU website will be shipped from Switzerland instead.
Apologies for the inconvinience!
go to the product page (click on product title or Details link) and then click on the Buy options tab to change the quantity and product options or view available stock quantity.