Duo Security


LastPass supports multifactor authentication with Duo Security. It is a secure, two-factor authentication application offered for all leading smartphone platforms, including Android, iPhone, Blackberry, and Windows Phone. You can get Duo Security here: https://www.duosecurity.com/editions



Enabling Duo


Once you have authenticated your Duo account, make sure to select ‘Auth API’  from the ‘Integration type’ dropdown at the  ‘New Integration’ login page:


Once you have finished setting up your new integration, then you will need to log in to your LastPass Vault and click Settings > Multifactor Options > Duo Security.


After selecting ‘Enabled’ from the Duo Security dropdown, you will then want to select the ‘Click here to enroll your device with Duo Security’ link. Then, click ‘Start Setup':



You will then see another screen which will prompt you to choose which type of device you would like to enroll to use for two-factor authentication. Please note that LastPass currently only supports the enrolling of a single device:



Select the type of device that you would like to enroll and then click the “Continue” button. You will then be given on-screen instructions on how to enroll each specific device. Once you have enrolled the device(s) that you would like to use for Duo authentication, you can then use it to authenticate you in the login process.



Administrating Duo in Enterprise


You can require Duo for your users via the ‘Require use of Duo Security’ policy. This policy can be enabled for your Enterprise account by accessing your Enterprise console and clicking the ‘Setup’ tab > ‘Add Policy’ button > Select ‘Require use of Duo Security’ or ‘Require use of any multifactor option’ from the dropdown menu:



If you would like to set the username portion of a user’s email address to be used as their Duo Security username, enable the “Use username portion of email address as Duo Security username” policy: