Logging In With Duo Push and LastPass
In order to use Duo Push with LastPass, you must have first signed up for a Duo account and configured your LastPass vault to use Duo authentication. See our LastPass documentation for step-by-step instructions.
LastPass Web Page and Browser Extension
The LastPass Duo multifactor window appears after username and password is entered, and at the same time a push authentication request appears on your mobile device if it is activated for Duo Mobile.
If you click the "This computer is trusted..." option then you won't be prompted for two-factor authentication again from the same browser on that device.
If you (or your administrator) enabled the Duo WebSDK experience when configuring Duo in LastPass, you'll be redirected to the Duo Universal Prompt. Choose an authentication option and approve to access your vault.
LastPass Mobile App
The LastPass Duo multifactor window is displayed after username and password is entered, and at the same time a push authentication request appears on your mobile device if it is activated for Duo Mobile. You may approve the Duo Push request from the same device where you are logging into the LastPass mobile app.
If you click the "Trust this device?" option then you won't be prompted for two-factor authentication again by the LastPass app on that device.
LastPass for Applications
The LastPass for Applications program is available for Microsoft Windows only. The LastPass Duo multifactor window is displayed after username and password is entered in the LastPass for Applications login window, and at the same time a push authentication request appears on your mobile device if it is activated for Duo Mobile.
If you click the "This computer is trusted..." option then you won't be prompted for two-factor authentication again when logging in to LastPass for Applications.
Instead of approving the automatic push request, you can also enter a different factor name or passcode into the empty field and click the Authenticate button. Here's how:
| Type... | To... |
|---|---|
| A passcode | Log in using a passcode, either generated with Duo Mobile, sent via SMS, generated by your hardware token, or provided by an administrator. Examples: 123456 or 1456789 |
| push | Push a login request to your phone (if you have Duo Mobile installed and activated on your iOS or Android device). Just review the request and tap "Approve" to log in. |
| phone | Authenticate via phone callback. |
| sms | Get a new batch of SMS passcodes. Your login attempt will fail — log in again with one of your new passcodes. |
Note: LastPass only works with your primary device. If you have multiple phones or devices attached to your Duo account you can only use passcodes or approve the LastPass push request from the first one.
Examples
To send a Duo Push request to your primary phone, type:
To use the passcode "123456", type:
To send new SMS passcodes to your phone, type:
If you don't want to set up LastPass with Duo's one-tap push authentication, you can still protect your password vault by adding LastPass to Duo Mobile as a third-party account. Follow the instructions for setting up LastPass with Google Authenticator, simply substituting the Duo Mobile app for Google Authenticator. Once you do that, you can use a passcode generated by Duo Mobile to log in to LastPass.