Lastpass Extension and 2FA and Authy

I recently started using Brave. Running Version 0.64.77 Chromium: 74.0.3729.169 on my Windows 10 laptop. I installed the chrome LastPass extension. It installed and worked without problem, However, I use 2FA with Lastpass. Each time I restart Brave, I must re-authenticate Lastpass, even though I check the pass to remain authenticated for 30 days.

As a secondary note, I use Authy as my authenticator app. There is a chrome desktop version of Authy which runs fine, but the chrome Authy extension does not recognize the Chrome app, and the new instance of the app will not authenticate under Brave.

Description of the issue:

Steps to Reproduce (add as many as necessary): 1. 2. 3.

Actual Result (gifs and screenshots are welcome!):

Expected result:

Reproduces how often:

Operating System and Brave Version(See the About Brave page in the main menu):

Additional Information:

I also have this issue.

@presitt.man,
Are you authenticating into LastPass via the extension or are you using the website to login first?

I’m Authenticating via the Lastpass extension as I used to with Chrome but dispite initialy checking the ‘Remember for 30 days’ box it asks for the password every time I open Brave.

Welcome @presitt.man and @Tromstar. I use this all the time (LastPass Extension and Authy; also Authy and LastPass standalone app at times) and don’t encounter what you’re describing, which sounds like a simple LastPass extension settings issue. The first thing to check is whether you’ve checked “Trust this computer for 30 days” box when you’re entering your authentication code. If not, check it and you won’t have to do TFA for thirty days. UPDATE EDIT: Missed @Tromstar’s note that they are checking the box, which leads me to wonder if they have Brave set to automatically delete cookies upon exit.


Another area to check is the extension’s settings. Right click the extension’s icon and select options.
image

That opens a new tab with the various options of when to reauthenticate.
image

Sorry, @Tromstar, missed that you are checking the 30day box. Do you have Brave set to delete all cookies when you exit?

@presitt.man,
Can you try logging in via the lastpass website instead?

OK - The good news. I logged on through the website (usually just use the extension if necessary), and it had no immediate effect on the extension, but when I restarted (several times now) the browser, Lastpass stayed logged in and did not ask for reauthentication.

Some confusing things - All this had transpired on my HP Envy Laptop. This morning I installed Brave on my Dell XPS 8930 desktop. I authenticated the first time through the Lastpass extension. It has stayed authenticated over numerous restarts.

On the HP laptop, before solving the issue via website login, what I did observe is when I started Brave, ever so briefly, the Lastpass icon would start up red & then turn black with the request for 2FA authentication coming up in a separate window.

Thanks for the help & fix.

OK, realizing that I hadn’t actually tried this in Windows for a while, I fired up a test persona in Brave 0.68.10 Chromium: 75.0.3770.38 (Official Build) nightly (64-bit) on Windows 10. OS Version 1809 (Build 17763.503) and tried some things. I couldn’t get it to mimic the reported behavior by setting Brave to delete all browsing data on exit, so that doesn’t appear to be it.

As I wrote the above, @presitt.man posted their update. Is there security software on your HP that is not on your Dell? My thinking is that it might be blocking the LastPass extension from doing whatever it does to know that it should not require TFA when you check the box, and by logging in with the website, you circumvent that blockage.

The HP is running Avast Free while the Dell is running McAfee. Aldo running Version 1809 of Windows on both Machines. Tend to have a lot more stuff installed on the Dell desktop then the HP Laptop.

Until installing Brave, I was running latest standard version of Chrome on both machines. No issues prior to Brave with using Lastpass extension, only authenticating through the extension, which was seldom necessary. But, your theory is as good as any - especially since it produced results.

Thank you for your suggestion @hntong I’ve just checked and cookies are not set to delete on browser exit, just to be on the safe side I’ve now reset all the Brave settings to default, but still no solution.

Thank you for your suggestion @presitt.man I’ve tried logging in via the lastpass website but it appears to have no effect on the extension.

OK, I’ve now managed to reproduce this on a different computer:
Fresh install of Brave, Logged in And Sinc, Added The Lastpass Extension, Logged into the extension, Entered 2 Factor code and checked ‘Remember for 30 days’

Closed Brave Browser and then re-opened and (unlike on chrome) the Lastpass extension has lost it’s login.

Well, glad it’s not just me. Did you subsequently log in via the web? And if so, did that resolve the issue?

Sorry, @presitt.man forgot to mention, I did login via the web and it did not resolve the issue for me.

@Tromstar,
See if allowing all cookies on the lastpass website resolves the issue.

1 Like

SOLVED! Big thank you @Mattches that was the solution. logged into LastPass on the web, Opened ‘Settings’ , ‘Advanced’, Privacy and Security ‘Site Settings’, ‘Cookies’ ‘Allow’ and add lastpass.com

1 Like