As you roll out LastPass, it’s important to feel confident in helping employees with their new password manager. You might be the sole IT person wearing lots of hats. Or you might be part of a large helpdesk team. Either way, employees will undoubtedly come to you with questions and concerns.
In our recent LastPass Enterprise Master Class, we talked through some of the most common LastPass questions heard by our customers’ helpdesk teams. We shared our tips for reducing calls related to LastPass. We also discussed best practices for increasing employee satisfaction with the service.
One of the most common questions helpdesk staff hear is: “How can I reset my LastPass master password?!” Here’s how we recommend handling that question. With the right planning, you might even avoid it to begin with!
Turn on the “Super Admin Master Password Reset Policy”.
Before you start onboarding employees, be sure to activate the policy that will allow you (and other admins, if designated) to administratively reset master passwords. The policy can be turned on in the admin dashboard. By turning it on before onboarding, you’ll ensure the recovery keys are securely enabled for your account for every employee. You can still turn it on after the fact, but if a user hasn’t logged in after the policy was enabled, your admin account will not yet have permission to use the recovery keys. That’s why we recommend doing this from the start! It’s just one of the many policies we recommend familiarizing yourself with for a better LastPass experience.
Train employees when you first deploy LastPass.
Training certainly takes time and resources from the IT team, but the pay-off is worth it. When you’re rolling out LastPass to employees, host lunch and learns or virtual trainings where employees can learn what LastPass is, the basics of how it works, and what your expectations are when they’re using it. It’s an ideal way for users to ask questions up front.This is also the perfect time to teach them about creating a strong master password, preferably as a “passphrase” that is secure but easy for them to remember.
Ensure all employees are using the browser extension.
The best way to use LastPass is by installing and logging in through the browser extension. Not only does the browser extension allow LastPass to browse intelligently with the user, it also securely stores account recovery data so the master password can be reset on the user’s device. If the user never logged in through the browser extension (or the mobile app), account recovery won’t be possible. You will need to delete the user’s account for them to start over.
Activate the “Super Admin Master Password Reset Policy”.
Life happens, and users forget their master passwords. When the employee comes to you asking for help, go to the admin dashboard’s policy section. Follow the steps to activate the Super Admin policy for their account. You’ll be prompted to create a new, temporary password for the user, which you’ll need to communicate to them – LastPass does not send the temporary password by email. Once the user logs in with the temporary password, they’ll be prompted to create a new master password for themselves. Be sure to remind them about using a passphrase as their master password!
As you can see, the Super Admin Master Password Reset Policy is one of the best tools available to LastPass admins. Now you can feel confident about knowing what to do should a user approach you after forgetting their master password.
Want more information about common LastPass-related helpdesk questions and best practices for supporting your users? Be sure to check out the replay of our recent Master Class!