Introducing YubiKey MFA for iOS on Your LastPass Account

Today, we’re excited to announce YubiKey multi-factor authentication for LastPass iOS users! We’ve partnered with Yubico and have had YubiKey NEO support for Android for many years now. With Apple recently opening up NFC, the support for iOS devices is a giant leap forward in enhancing mobile security for all of our users.

By 2020, 72% of the American workforce is expected to be remote or ‘deskless’ meaning that more and more employees will be relying on their smartphones to get their work done. And many individuals have already stopped replacing their laptops, relying on tablets or their smartphones as a replacement. This means so much of our personal and work life is on our phones, and we need to take extra steps to ensure the information we store there is secure.

Multi-Factor Authentication (MFA) is a critical step for securing data on our laptops and mobile devices. From desktop to mobile, LastPass and the YubiKey offer a seamless password management experience that leverages strong, reliable MFA across multiple browsers and devices to keep your passwords safe.

yubico screenshot

With the launch of Yubico’s new Mobile Software Development Kit (SDK) for iOS, developers can now leverage the strength and security of hardware-backed YubiKey MFA by easily building in support for one-time password (OTP) authentication via NFC into mobile apps for iPhone users. Using a separate hardware device to authenticate increases the security of your account because it requires physical possession of your mobile device and your YubiKey.

LastPass is the first password manager to enhance its security for mobile login on iPhones with Yubico OTP authentication through NFC. This means that LastPass users with an iPhone 7 or above, running iOS 11, can now authenticate to their LastPass Premium, Families, Teams, or Enterprise accounts on their mobile device with the same YubiKey NEO that they use for their desktop or laptop. Users can touch the YubiKey NEO to the iPhone to wirelessly transfer a Yubico OTP and securely authenticate to the application. Check out how easy this is in the video below.

We couldn’t be more pleased to partner with Yubico on this new functionality that allows the LastPass community to enable greater security measures on all of their devices, and we look forward to more innovative updates like this in the future!

Update: We understand that some of our users are having trouble using the YubiKey NEO over NFC with the LastPass iOS app. To address these questions, we’ve updated our setup guide with more information on the integration: https://support.logmeininc.com/lastpass/help/yubikey-multifactor-authentication-lp030020#UseMobile

16 Comments

  • Eric says:

    I have the exact same problem with my iPhone 7 Plus. My Yubikey NEO isn’t recognized at all when trying to scan it.

  • Roel says:

    I have successfully enabled Yubikey on my iPhone, but my iPad pro keeps falling back to the lastpass authenticator, even though Yubikey is the default second factor and the iPad pro has NFC

    • Leah Bachmann says:

      Hey Roel,
      Unfortunately, due to Apple’s capabilities, it’s only available on iPhone, not iPad. Thanks for your question.

  • Mike says:

    YubiKey doesn’t work on iPhone X. Tried different angles no luck. Also need a feature to disable YubiKey for iOS but keep it on browser and computer version

  • Rouke Broersma says:

    Can we expect this feature to roll out to Android as well? Android NFC has been open for years and years, please support us Android yubikey users as well.

  • John Pearce says:

    I have two of the very early yubikeys. Back from the days when Steve was first talking to Steena? Excuse my memory. I am interested in one of the new Neos that has NFC for my iPhone 7. Looking at your site Isee a few Neos. Which one to order? And would I still be able to use my older versions for my laptop and desktop? In effect have 3 active Yubikeys of mixed generation?

    Thank you,
    John

  • Sachin Yadav says:

    I don’t get any kind of notification on the iPhone. Anyone with the same kind of issue?

    • Preston says:

      @Sachin – Two things… 1.) Make sure you have the updated version of LastPass for mobile. You may have to swipe down to refresh for updates. in the App Store. 2.) Your device has been configured as a trusted device. As shown in the video next to the Multifactor Options tab there is a Trusted Devices tab. Delete the trusted device associated with your iPhone. This will require LastPass to re-prompt you with multifactor authentication. Hope that helps.

    • Eric says:

      My iPhone 7 Plus doesn’t recognize my Yubikey NEO. I’m using LastPass premium, and followed all the multi-factor steps “to the T”. I actually have two Yubikey NEOs, and neither one is recognized by my iPhone. When LastPass tries to scan my Yubikey NEO, absolutely nothing happens. I’ve even taken off my iPhone case–still nothing. I’m able to use my iPhone’s NFC for purchasing stuff out of vending machines, etc.–so I’m completely miffed. And, yes, I’m using the most up-to-date iOS LastPass app from Apple’s store.