
Forgot Your Password? Your Guide to LastPass Account Recovery 

Amber Steel, March 24, 2022

Losing something is such an awful feeling. Remember that moment when you couldn't find your phone? Or your keys were nowhere to be seen? Or your credit card wasn't where it should be? So you stop everything until you find them again while trying hard not to panic.

As a LastPass user, your master password ranks right up there as something you can't live without. LastPass does, after all, securely store and encrypt all your passwords, PINs, and other essential digital data for you. And if you've been using LastPass to create long random passwords for all of your accounts, you really don't want to lose access to your vault.

But - gasp - what happens if you forget your master password? Can you regain access? Is your vault lost?

Indeed, we at LastPass don't know your master password. The master password is never sent to or shared with us. Since we don't have it, we can't ever send the master password or make you a new one. But, there are account recovery options available to help you regain access to your vault and reset your master password. Let's explore how LastPass account recovery works, so you know what to expect and how to prepare ahead of time.

How LastPass account recovery is different

Usually, when you forget your password to an online account, the website will send you a reset link. Those websites use your email address or phone number to "prove" that you are who you say you are. When you click the link they send you, you can reset your password.

Account recovery with LastPass works a little differently. We built LastPass with a zero-knowledge security model. That's a fancy way of saying LastPass never has your master password, the password you use to unlock your vault and encrypt everything you store in it. All of the encryption and decryption of your LastPass account happens on your device, not on our servers. Since the master password never leaves your device, we never have access to it.

Zero-knowledge encryption is excellent for security but also means that account recovery has to work differently, and options are more limited in some ways. For example, rather than resetting the account for you, you go through account recovery on your device and use securely stored information on that device to reset the master password.

How to recover your LastPass account

"Account recovery" is what we call the process of resetting your master password. The *only* way to reset your LastPass master password is to go through the account recovery process.  Remember that your LastPass master password is your encryption key to your vault. Account recovery allows LastPass to use secure, local data on your device to "prove" your identity and facilitate the re-encryption of your vault with a new master password. To recover your LastPass account, you'll start by clicking or tapping the "Forgot password" option. However, what happens next with account recovery is slightly different depending on whether you're using a desktop or laptop computer versus a mobile device like a smartphone or tablet.  

Account recovery on mobile vs. desktop

On a computer, you'll use a "recovery one-time password" stored in the browser extension to reset your account. The LastPass browser extension automatically creates and stores the one-time recovery password when you log in. Click the "Forgot password" link on the log-in window to open https://lastpass.com/recover.php and start the account recovery steps. LastPass emails you a link that, when clicked, activates LastPass to find that local recovery one-time password. Once located and used, you'll be able to create a new master password and regain access to your vault. Or, if you set up SMS account recovery beforehand, you'll be texted a code instead of emailed a link. With that code, you can again reset your master password.

If you're using the LastPass mobile app on a smartphone or tablet, the account recovery process looks a bit different. Instead, you'll use biometrics stored on the device to reset your master password. Note that you must have biometrics enabled on your device and opt into mobile account recovery before using account recovery. If you did not set up mobile account recovery in your LastPass mobile app before forgetting your master password, account recovery won't work on that device. However, if you did complete those steps in advance, tap the "Forgot password" option on the mobile app. Next, LastPass will prompt you to enter your FaceID, TouchID, or fingerprint swipe. Once the biometric data is accepted, LastPass will prompt you to enter a new master password.
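
To make the desktop flow concrete, here is a sketch of how a device-held recovery secret can reset a master password without a server ever seeing either one. It is an added illustration, not LastPass code or the actual LastPass design: the wrapped "vault key", the record layout, the iteration count and every function name are assumptions, and a standard-library XOR-plus-HMAC wrap stands in for an authenticated cipher such as AES-GCM.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor for this sketch only

def _derive(secret: bytes, salt: bytes):
    """Stretch a secret into a 32-byte wrapping pad and a 32-byte MAC key."""
    okm = hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS, dklen=64)
    return okm[:32], okm[32:]

def wrap(vault_key: bytes, secret: bytes) -> dict:
    """Wrap the 32-byte vault key; a fresh salt makes each pad single-use."""
    salt = secrets.token_bytes(16)
    pad, mac_key = _derive(secret, salt)
    ct = bytes(a ^ b for a, b in zip(vault_key, pad))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag}

def unwrap(blob: dict, secret: bytes) -> bytes:
    """Return the vault key, or raise if the secret is wrong or the blob was altered."""
    pad, mac_key = _derive(secret, blob["salt"])
    expected = hmac.new(mac_key, blob["salt"] + blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        raise ValueError("wrong secret or tampered blob")
    return bytes(a ^ b for a, b in zip(blob["ct"], pad))

def enroll(master_password: str):
    """On-device setup: returns (vault_key, server_record, local_recovery_otp)."""
    vault_key = secrets.token_bytes(32)      # encrypts the vault; never stored in the clear
    recovery_otp = secrets.token_bytes(32)   # kept only in local storage on this device
    server = {"by_master": wrap(vault_key, master_password.encode()),
              "by_recovery": wrap(vault_key, recovery_otp)}
    return vault_key, server, recovery_otp

def recover(server: dict, recovery_otp: bytes, new_master: str):
    """Forgot-password flow, run on the device that still holds the recovery OTP."""
    vault_key = unwrap(server["by_recovery"], recovery_otp)
    new_otp = secrets.token_bytes(32)        # the old OTP is spent after one use
    new_server = {"by_master": wrap(vault_key, new_master.encode()),
                  "by_recovery": wrap(vault_key, new_otp)}
    return new_server, new_otp
```

In this model the server record holds only wrapped blobs, so if the locally stored one-time password is erased, nothing on the server side can stand in for it.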

Steps to prepare for account recovery

As explained above, you can do a few things to ensure you will successfully recover your account if you forget your LastPass master password.
  1. Set up SMS recovery. Here's how: https://support.logmeininc.com/lastpass/help/set-up-sms-account-recovery-lp030001
  2. Enable mobile account recovery per these steps:
     - iOS: https://support.logmeininc.com/lastpass/help/how-do-i-set-up-and-use-mobile-account-recovery-on-ios-lp010119
     - Android: https://support.logmeininc.com/lastpass/help/how-do-i-set-up-and-use-mobile-account-recovery-on-android-lp010120
  3. Install the LastPass browser extension on the browser(s) you use regularly.
  4. Don't use any "cleaning" or "security" software that may inadvertently delete the LastPass extension or erase the local data stored by LastPass for account recovery. If you do, be sure to "whitelist" LastPass files so that one-time recovery passwords are not disabled or deleted.
  5. Enable Emergency Access so a trusted contact can recover your vault if you're unable to.
  6. Create a strong, memorable master password, so you're less likely to forget it!

Create a strong, memorable master password

Using a password manager like LastPass can save you so much time and energy. It puts your passwords on autopilot, so you don't even have to think about how to log into your accounts - it just happens. Obviously, though, your master password becomes very important when you start using LastPass. Not only do you want it to be strong - since it's protecting all of your other passwords - the master password should also be easy to type and remember.

So how do you create a master password that balances all of those needs? One of the best strategies is creating a "passphrase" that's long and unique while being something meaningful to you. An example might be: "Ilovethecolorblueandmyeyesarebluetoo." It's a bit random and silly, but something that will easily stick in your head if you practice typing it a few times. In addition, it's easy to use while still being very secure - it's 36 characters long! You could even replace a few letters with numbers and symbols for extra strength.

If you're using LastPass, take a few minutes to follow the steps above. Enabling the backup account recovery options will give you peace of mind. Should you forget your master password, you'll be more confident following the account recovery process. Use all that LastPass has to offer you in securing and simplifying your password security while being assured that you'll always have access to your vault when you need it.