LastPass users can't access their accounts and struggle with Multifactor Authentication Reset loop
Jun 26, 2023 at 8:16 AM

LastPass users can't access their accounts and struggle with Multifactor Authentication Reset loop

In May 2023, LastPass , the popular password manager, began asking users to reset their MFA (Multifactor Authentication) as a planned account security measure. The reset process involves pairing the authenticator app again. However, since then, numerous users have been locked out of their accounts because the MFA code is not recognized, and customers are stuck in an infinite loop.

Lastpass explained that they increased master password security with a stronger Password-Based Key Derivation Function (PBKDF2) with SHA-256 and raised the number of password iterations to 600000 rounds. The forced logout and the MFA reset are due to the increased number of iterations.

Unfortunately, users who face the loop can't open official support tickets because login is required. So Lastpass explained the reset process on a support page. First, users need to activate the Continue button after logging in to LastPass. LastPass sends a six-digit security code to the linked email address, which needs to be entered as part of the process. Then, users need to open the authenticator application on their mobile device and scan the QR code displayed in the browser using the application to pair it. It may be necessary to select Replace or Remove to delete the old information. Finally, users need to click Verify, log in to LastPass, and authenticate with the multifactor authentication app.

Moreover, users will also get a second email to verify their device and location. Users are advised to follow the reset process carefully to access their accounts successfully again.

Jun 26, 2023 by Danilo_Venom

No comments so far, maybe you want to be first?
Gu