PRODUCT OVERIVEW

Designating LastPass Admin roles in your organization

From IT service companies to marketing agencies, businesses of all types need to ensure access to sensitive company data is secure and appropriate. With customizable, role-based permissions in the LastPass admin console, you can give users just the right level of access to do their job, and nothing more.

Employees can be productive, while company data protected.

LastPass includes four types of roles – users, helpdesk admin, admin, and super admin – each with specific functionality so you can give appropriate levels of access to LastPass.

For example:
  • The helpdesk admin is a customizable role, enabling you to choose what is appropriate for IT helpdesk staff in your organization.
  • In the admin console you can designate the helpdesk admin role to IT team members that manage day-to-day internal support tickets on passwords, without giving them access to all of the privileged information in your LastPass account.
  • Or, select key team members to be admins so they can set security policies and provision new users as needed.

LastPass admin console features

Decreased liability

Greater visibility

Increased efficiency

Overview of LastPass admin roles


User

Use case:

These are individual account holders – employees – who only have access to their personal vault and folders shared with them.

Permissions:

  • Access to their own vault
  • Feature usage and access limited by policies through LastPass

Helpdesk Admin

Use case:

The least-privileged admin tasked with day-to- day management of LastPass and supporting employees with their IT questions.

Permissions:

  • Resend an invitation
  • Disable multifactor authentication
  • Require master password change
  • End a user’s sessions
  • Add or disable a user
  • Add or remove groups

Admin

Use case:

These are your IT managers and team leads that have access to all areas of the admin console for ability to deploy, configure, and manage LastPass, such as user provisioning, policy setting, and more. Be sure to protect admin LastPass accounts with MFA.

Permissions:

  • All permissions of the helpdesk admin, plus:
  • Access to all areas of the admin console
  • Enable or disable policies
  • Add or remove users

Super Admin

Use case:

These are your IT managers and team leads that have access to all areas of the admin console for ability to deploy, configure, and manage LastPass, such as user provisioning, policy setting, and more. Be sure to protect admin LastPass accounts with MFA.

Permissions:

  • All permissions of the helpdesk admin, plus:
  • Access to all areas of the admin console
  • Enable or disable policies
  • Add or remove users

Learn More

View As PDF

Download this content as a PDF to use as a reference or to share.

Download File

LastPass Resource Center

All you need to improve security in one password management solution.

Go to Resource Center

Password Generator

Instantly create a strong, secure, random password.

Generate Password

LastPass Blog

Get updates, insights, news and tips from the LastPass team blog.

Stay Up to Date

Get started with LastPass Business