We Can Help
Why can I bypass 2 Factor Authentication to login to the current site my browser is on?
To validate your multifactor token, multifactor authentication requires that you have an Internet connection: if you do not pass LastPass a correct multifactor token, LastPass will never release your encrypted data. However, LastPass also has an 'Offline Mode': it keeps a locally cached encrypted copy of your data on your local device so that you'll still be able to access your data even in the event that you do not have Internet access. When you log in to LastPass we first log you in offline to the locally cached copy of your data and then try to log you in online. As a result, you might experience cases where LastPass fills in credentials before you provide us your LastPass multifactor token. If you want to prevent this behavior, do the following:
Clear your Local Cache:
- Log into LastPass
- Click on the LastPass Icon > Tools > Clear local cache
- Logoff LastPass
or Disable Offline Mode
- Go to your account settings.
- Click on the Multifactor Tab
- Toggle 'Permit Offline Access' to 'Disallow'