Resolutions with LastPass: #8 Generate OTPs to Use on Untrusted Computers

Logging in from a hotel computer while on vacation? Checking your email from an Internet cafe? Need to briefly use LastPass on a library or university computer? Then you should generate some One Time Passwords and carry them with you!

If you need to access your LastPass data while away from a trusted device, but are hesitant to do so because of potential keyloggers, LastPass provides One Time Passwords (OTPs) as one option for securely logging in to your account.

One Time Passwords are temporary passwords that grant one-time access to your LastPass vault. Once an OTP is used, it can never be used again. The OTP also prevents your master password from being stolen by keylogging software because you don’t need to enter it when logging in with an OTP.

While you still have access to a trusted computer, go to the OTP management page to generate and print your OTPs. You must also be logged in to the LastPass browser add-on to manage your OTPs. From this page, you will see links to Add a New One Time Password, Clear All OTPs, or Print your OTPs.

To add OTPs to your list, click the “Add” link. Once you’ve generated a few OTPs, click the “Print” link and carry the printed list in your wallet, or keep a copy on a portable USB thumb drive.

When you’re ready to log in to LastPass from an insecure computer, you can revisit the OTP management page to log in with one of the OTPs on your list.

Even if the OTP is captured by malware, it will not allow access to your account in subsequent attempts because it expires after you log in with it once.

If you know you’ll need to log in to LastPass on an insecure computer, be prepared by generating and printing some OTPs!
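
The single-use property described above, as an added example (not LastPass's code and not part of the original post): a hypothetical server-side store that keeps only hashes of unused OTPs and deletes an entry on its first successful use, so a value captured by a keylogger fails on replay. The class and method names are assumptions, and how LastPass turns an OTP into vault access is not modelled here.

```python
import hashlib
import hmac
import secrets


class OneTimePasswordStore:
    """Hypothetical per-account list of unused OTPs (names are assumptions)."""

    def __init__(self):
        # Digests only; a fast hash is acceptable for 128-bit random tokens.
        self._unused = set()

    @staticmethod
    def _digest(otp):
        return hashlib.sha256(otp.encode("utf-8")).digest()

    def add(self):
        """'Add': create one OTP and return it once, for printing."""
        otp = secrets.token_hex(16)
        self._unused.add(self._digest(otp))
        return otp

    def clear_all(self):
        """'Clear All OTPs': revoke every unused OTP, e.g. if the list is lost."""
        self._unused.clear()

    def redeem(self, candidate):
        """Accept an OTP at most once; any later use of the same value fails."""
        wanted = self._digest(candidate)
        match = None
        for stored in self._unused:  # constant-time compare per entry
            if hmac.compare_digest(stored, wanted):
                match = stored
        if match is None:
            return False
        self._unused.remove(match)  # consumed: a captured copy is now useless
        return True


def replay_demo():
    """Constructed scenario: login on an untrusted PC, then a replay attempt."""
    store = OneTimePasswordStore()
    printed = [store.add() for _ in range(3)]
    first_login = store.redeem(printed[0])   # typed on the untrusted computer
    replay = store.redeem(printed[0])        # same value reused after capture
    second_otp = store.redeem(printed[1])    # the other OTPs are unaffected
    store.clear_all()
    after_clear = store.redeem(printed[2])   # revoked before it was ever used
    return first_login, replay, second_otp, after_clear
```

The single-use guarantee covers only the login secret: anything displayed or typed during the session on the untrusted computer is still exposed to malware running there.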

  • Anonymous says:

    There is something I don’t understand. I always thought that the content of your vault, stored on LastPass servers, can only ever be decrypted with your master password. How is it now possible to decrypt it with an OTP? And how come that password can only do it once? What am I misunderstanding?

  • Anonymous says:

    Just to add to the Anonymous June 8, 2012 8:49 PM submission – internet is accessed via public wifi or at best, via hotel password-protected wifi.

    • Boyan says:

      Yes, own device + VPN + LP is probably the best solution. Password-protected wifi is no more secure than open wifi, if the attacker knows the password, which is easy to assume in case of hotel wifi.

  • Anonymous says:

    Many thanks to Boyan and Sameer for making me aware and making me understand this a little better.

    This is how new I am: I don’t even know if my questions are silly – If I use my own device (iPhone, iPad) and I use a virtual private network (VPN) and LastPass, am I improving my chances for safety? This question may be stemming from a lack of understanding of how malware gets in the system. How does LP-specific malware get in the system?

    I am a long-term (international) traveller and I have to access banking information from time to time. I understand that there is no 100% solution.