
How-To Geek

How to Make LastPass Even More Secure with Google Authenticator

Storing your passwords in the cloud is convenient, but security can be a concern. LastPass provides two free multi-factor authentication methods to lock your password vault up tight: a mobile app or a piece of paper.

With two-factor authentication, you need more than just your password to log in. Even if your LastPass password is captured by a keylogger, no one can log into your account without the second authentication key. Only one two-factor authentication method can be enabled at a time, so choose the one you prefer.

Google Authenticator

LastPass supports Google Authenticator, which is officially available as an app for Android, iPhone, iPod Touch, iPad and BlackBerry devices. Unofficial apps are also available for Windows Phone, webOS and Symbian.

After you’ve installed the Google Authenticator app on your mobile device, click here and log in with your LastPass account. The link will take you to the Google Authenticator tab in your LastPass account’s Settings window.

Launch the Google Authenticator app on your mobile device and use the scan function to scan the QR code displayed on your screen. If your device doesn’t have a camera or you’d rather type in a code manually, you can click the “Click here if you’re unable to scan the barcode” link and use the Manually Add Account function to type in the displayed code.

Your LastPass account will appear in the list after you add it.

Next, click the Google Authenticator Authentication drop-down box and set it to Enabled. You’ll be asked to enter the current code from your Google Authenticator app. After that, click Update and you’ll be secure.

The next time you log into your LastPass account from an untrusted device, you’ll be asked for your current code. Each code is temporary; the codes change every 30 seconds. LastPass allows you to disable the authentication via an email confirmation if you ever lose your mobile device.

Grid

Don’t have a mobile device or just don’t want to use one? Don’t worry, LastPass also offers a paper-based multi-factor authentication system known as “grid.”

To enable grid, access the LastPass website and log into your LastPass vault. Click the Settings link at the left side of your screen to access your account settings.

Access the Security tab and use the Print Your Grid link to view your grid.

Print this grid to a piece of paper; you’ll need it to log in. You may want to print multiple copies.

After you print the grid, activate the Enable Grid Multifactor Authentication check box and click Update.

The next time you log in from an untrusted device, you’ll be prompted to enter several values from your grid. No one without access to your grid will be able to log in. If you lose your grid, you can disable grid authentication via email confirmation.


If either form of authentication is compromised, you can use the “Reset Your Grid” or “Click here to regenerate your Google Authenticator key” link in your LastPass settings window.

LastPass also supports using a USB flash drive, fingerprint reader, smart card or YubiKey as an authentication device. Each requires a LastPass Premium subscription to use.

Chris Hoffman is a technology writer and all-around computer geek. He's as at home using the Linux terminal as he is digging into the Windows registry. Connect with him on Google+.

  • Published 02/6/12

Comments (17)

  1. jim

    This is such an amazing feature for LastPass. I’ve used Google Authenticator for my Google account ever since it was introduced, and I’ve never had a reason to turn it off. Given I have an Android device, so it’s easier for me to utilize this, but it’s still such a great security feature.

  2. Xantes

    Why would I want to make an app more secure – when it is actually utterly insecure – when there is already a very secure application called KeePass which is not dependent on any browser?!

  3. Chris Hoffman

    @Xantes

    LastPass isn’t for everyone. But LastPass is actually the most popular password manager among How-To Geek’s readers.

  4. Wasim Fatair

    I didn’t like it because any system can be broken, which leads to disasters!

  5. Bob

    Allowing Google to provide any portion of your security, e-mail or any other services that involve privacy.

    Is about as stupid as one can get.. In fact more I see anyone including Lastpass allow their integration into the Google Matrix.. The less I trust them as well.. Makes me wonder if Lastpass is accumulating/ aggregating search and view data from those who are using Lastpass as well.

    I view Lastpass as a convenience, ok to use for some things.. … But never really trusted them. Was hoping they would reveal themselves either way… They are…. Now I trust them less.

    Bob

  6. Odin

    Everyone who doesn’t trust any form of double authentication (either Google or LastPass) needs to get back in his basement with a tinfoil hat on. Even if you plan on never coming out of there again, safety still can’t be ensured.

    I’m sick of all the conspiracy BS about any company that gets big.

  7. Chris Hoffman

    @Bob

    Hi Bob, there are many options; you don’t have to use Google. I personally use a physical YubiKey (but this costs money and requires a LastPass Premium subscription.)

    Google Authenticator doesn’t hook into your Google account in any way. You can actually download its source code and inspect it, if you like. It uses open standards to generate the code: http://code.google.com/p/google-authenticator/

    @Odin

    Thank you.

  8. Xantes

    @ Chris Hoffman
    I don’t think so!
    Besides that what you are trying to say is that KeePass sounds rocket science for you and your Geek’s readers! If it is then keep using the no-brainer LastPass! I didn’t learn so far somebody to brag with something like that! I’m stunned!
    Again: you deliberately elude my argument! I didn’t say which compared to other is more popular to whoever, but that your argument doesn’t stand in comparing KeePass that’s much more secured than LastPass. Simple as that!

  9. MeganL

    I mean it’s cool and all that LastPass is doing this but nothing will change the fact that it got hacked twice. I will never go back to LastPass.

  10. Chris Hoffman

    @Xantes

    I wrote the article because LastPass is the most popular password manager among How-To Geek’s readers, so many readers would find the content interesting.

    Your choice of password manager is your own. LastPass doesn’t pay me anything, so I have no interest in trying to persuade you to use their product. I don’t have a horse in this race.

    KeePass is certainly ideal for readers that want a desktop-based password manager. I’ve personally recommended it in a piece I’ve written elsewhere, and we’ve covered KeePass here in the past: http://www.howtogeek.com/howto/4962/securely-store-your-passwords-with-keepass/

  11. Bob
  12. Xantes

    Unfortunately – either out of stubbornness or of not wanting to be informed – KeePass is not a desktop application, ONLY! There are numerous versions for almost any kind of operating system and for almost any type of mobile phones! So again, it’s just that you find a lot of satisfaction of contradicting with your visitors! However you are NOT keen of replying to those who really need answers when they find in that situation of not being able to manage themselves!
    So, please stop patronizing for that you don’t have any arguments whatsoever!

  13. Chris Hoffman

    @Xantes

    I apologize. I’m not intimately familiar with KeePass. My point was that it doesn’t store your passwords in the cloud — it keeps them on your local storage.

    I have no agenda beyond writing useful articles, Xantes. I’m not trying to sway anyone into using LastPass.

  14. Xantes

    @ Chris Hoffman

    Yes, that’s right KeePass DOES NOT store ANYTHING in the cloud! That’s if you do not want!

    But if you do want – with your vast experience you could’ve figured it out – KeePass’ database can be stored in the cloud and moreover be synchronized with Dropbox so that on whatever PC KeePass is installed you’ll always be able to open KeePass and its database in a secure manner without needing copying it to either a flash drive or through your LAN!
    Either on your internal PC’s storage or in the cloud KeePass is much safer than LastPass and much more versatile since it can be used not only dependable by a browser!

  15. Alexandra

    Mobile apps are hot today. But hiring a developer is too expensive. I used snappii.com to make apps. It’s really easy, the web service allows to make mobile apps in minutes, and without programming skills at all.

  16. Dave

    Hey Chris – ignore the detractor(s) – I found this useful and informative, like most HTG articles. Yes I’m sure you occasionally simplify things somewhat to appeal to a wider, semi-techy audience (that’s me!) – but that will never satisfy some people! To Xantes, I say: if HTG is too elementary for you, why waste your precious time ranting on about it? Go find a site that suits high-powered techies like you :P

  17. Chris Hoffman

    Thanks a lot, Dave!

    Part of the article is — of course — to say “hey, this exists, check it out.” I’m sure lots of LastPass users haven’t heard of this.
