search

lastpass / lastpass-cli

LastPass command line interface tool
GNU General Public License v2.0
2.86k stars 290 forks source link

Not bypassing grid Grid Authentication #157

Open cizmazia opened 8 years ago

cizmazia commented 8 years ago

Does not bypass Grid Authentication with the Permit Mobile Device Access set to Allow, and with Mobile device restriction disabled.

brew install lastpass-cli --with-pinentry --with-doc
lpass login --trust email@server.com

Error: 

Your account settings have restricted you from logging in from mobile devices that do not support grid authenticat
bcopeland commented 8 years ago

This is true -- right now we do not support bypass for CLI, although we may at some point. We probably will not add grid challenge/response to lastpass-cli though.

Might I suggest switching to google authenticator or some other TOTP authenticator? That is a better second factor from a security standpoint. Is there a reason you prefer grid?

cizmazia commented 8 years ago

Thanks for your response! My understanding was that the CLI bypasses 2-factor authentication altogether as if it was a mobile device/bookmarklet. I do not have a smartphone, therefore I prefer grid. Maybe I can enable both grid and Google Authenticator at the same time.

bcopeland commented 8 years ago

I see. In case you didn't know: you can use something like oathtool to generate TOTPs that are compatible with Google Authenticator / LastPass, so you don't necessarily need a mobile phone. Of course, it is a good idea to keep your secret keys protected, e.g. by keeping them on a USB stick that isn't plugged in all the time.