LastPass Authenticator's Cloud Backup option explained
The application is compatible with LastPass accounts, but works also with other services that support two-factor authentication such as Google or LogMeIn. The app supports all services or apps that use Google Authenticator, or TOTP-based two-factor authentication.
Once you have added an account to the app, it either generates two-factor authentication codes continuously when open, or displays confirmation prompts that you need to respond to, to sign-in to the selected service.
LastPass Authenticator is compatible with the company's password manager application, but does not require it. Some functionality is limited however when you don't connect LastPass Authenticator to a LastPass Account.
LastPass Authenticator Cloud Backup
Cloud Backup is a new feature of LastPass' Authenticator application for Android and iOS. It allows you to back up all authentication tokens in the cloud for easy recovery if you have to restore your mobile device or switch to a new device entirely.
The main use of the feature is comfort. Instead of having to set up all two-factor authentication services manually again when you switch smartphones or reset yours, you can restore them from backup instead.
Handy if you run ten or more of these two-factor authentication services in the LastPass Authenticator application.
Cloud Backup requires that you link a LastPass account to LastPass Authenticator. The data is linked to that account then, and account access is required to restore the backup at a later point in time on the same device or another device.
You enable Cloud Backup in the settings under backup. Tap on the menu icon and select Settings to open those on your device. Check the "backup to LastPass" option on the settings page.
What happens then depends on whether you have linked a LastPass account to the Authenticator app already, or not.
If you have, you get a message that asks you to confirm the email address of the account. If you have not, the app walks you through the steps of downloading the LastPass Password Manager application, creating an account, signing in, and linking it to the company's Authenticator application.
Changes made from that point on are synced to the linked LastPass account. This includes, among others, adding or removing services, editing names, or changing the order in which accounts are listed in the application.
LastPass encrypts the MFA data on the device, before it is transferred to company servers. The data is secured in the same way as LastPass password data, which means that LastPass cannot access the data as it is protected by a user's master password.
You can start the restoration process on the apps' start page. Just tap on the restore from backup button there to initiate the restoration. You do need to confirm your LastPass account at this time, and if things go well, all the authentication data is synced to the LastPass Authenticator application afterwards.
One interesting feature of cloud backup is that notifications are only pushed to the most recent device you use. This means that the "old" device won't receive any verification notifications anymore. Codes generated on the old device will continue to work however.
LastPass Authenticator's cloud backup feature is helpful when you switch devices. This can happen after your old device was stolen, or when you purchase a new device.
Users who trust LastPass with their passwords and other sensitive information have no reason not to use the backup feature as well. Those who don't trust cloud saved data won't anyway.
This can be useful if you switch phones or mobile devices a lot, or if you just want to have a restoration mechanism in place when things go terribly wrong.
Now You: What's your take on this new cloud backup feature?Advertisement