Login and credential FAQs in LogMeIn Pro

Verify your account email address

Email confirmation is required when signing up for an account to confirm that the email address used was a valid address.

Note: As of 2023, LogMeIn Pro and LogMeIn Central accounts are continuously moved to a new login platform. When your account is moved, you have to reset your password and verify your account.

In order to confirm that your email address is valid and working, you need to select the link inside the email titled "Please activate your account". If you have not received the email in your inbox, you should search through your spam and/or junk mail folders, as it may have been filtered to one of these folders.

Note: The confirmation email will be sent to the email address you used when you set up your account. You will have 7 days from the time the account was created to confirm your account.

Failed login email notifications

As you may have seen in recent news, lists of hundreds of millions of user credentials taken from past breaches (mostly at social networks) are being used for a variety of recent nefarious activity on high profile sites like Netflix and Facebook.

Receiving failed login emails

As part of GoTo's continuous efforts to improve security, we send out email alerts to notify our customers about login activities.

A failed login attempt notification from GoTo means that an attempt to log into your account was not successful. Receiving these emails may indicate an automated attempt to log in by using credentials obtained through 3rd party breaches. Failed attempts mean that you're probably following GoTo's best practices of regularly changing your password, using complex passwords and/or have used two- factor authentication to further secure your account.

Disruption not found at GoTo

We have found no evidence to suggest that there has been a breach of GoTo's systems. We are seeing an increased number of login attempts, likely from hackers testing reused passwords (taken from 3rd party breaches) to obtain access to your account.

Actions you need to take

To verify your account activity, please log in to your account, select your LogMeIn ID in the upper-right corner, and select Account Settings > Security > Audit log.

If the login attempt was you and it was just an incorrectly typed password, please consider using a password manager such as LastPass to help save and auto-fill your passwords for the future. If the login attempt was not you, we highly recommend that you follow the best practices below.

Other precautions to consider

Please ensure that you have followed our recommended best practices on password complexity below and enabled two factor authentication where available. Additional online security best practices include:

Never use the same password across different online services, applications and websites.
Regularly change passwords for both your computers and your online accounts.
Use a password manager.
Always be vigilant to avoid phishing attempts. Here's a quick primer.
Enable 2-step or 2-factor authentication on your online services and applications, if it is offered.
Here's how you can turn on 2-factor authentication for your account.

Best practices on password complexity

A strong password must match the following requirements:

Contains 12 characters or more.
Made of capital letters, lowercase letters, and numbers.
Is changed every 90 days.
Does not match your LogMeIn ID.
Does not match any of your four most recent passwords.

Retrieve a forgotten account email address

If you don't know the email address to which your host computer is associated, you can find out by performing the steps below.

Select Start.
Select All Programs.
Select LogMeIn Control Panel.
Select the Overview tab. The email address the computer is attached to will be listed.

Unblocking a locked account

If you become locked out of your account, an email will be sent to your registered account email address. This email will contain a link that will allow you to unlock your account.

If you have not received this email within a few hours of the lock, please check your spam folder to ensure it was not blocked. If you don't receive an email, see Why didn't I get my "Reset Password" email for my GoTo account?

If you try to unblock your account by selecting the link in the email and your link is expired, you can try resetting your account password.

For more information on resetting your password, see Reset Password FAQs

Reporting a stolen laptop/desktop/personal computer

If a computer running the host software has been stolen, you can use the host service to retrieve information that may be useful to the authorities.

Here's what to do:

Log in to your account. The Home page (computer list) is displayed.
Watch for the stolen computer to come online.
When the computer comes online, select the Properties link for that computer.
In the General Settings you will see the last IP address from which the computer connected.
Give the IP address to the police.

Note: This is the only information available that can assist the authorities. GoTo support cannot assist in any other way. We can help you locate the IP address from which the computer connected to the Internet, but you must rely on law enforcement officials to do the rest.

LogMeIn Pro's compliance with PCI standards

GoTo understands that organizations that store, process, or transmit cardholder data must meet strict requirements to be PCI compliant. PCI compliance specifically relates to the security and controls around the payment applications and cardholder data within the merchant's IT environment.

LogMeIn Pro is not a payment solution and at no time does GoTo handle, process, or store credit card data; therefore, LogMeIn Pro falls outside of the scope of PCI review. According to the PCI Security Standards Council, it is the merchant or service provider's responsibility to ensure that they are using only products that support compliance. The role of GoTo (LogMeIn Pro in particular) is to provide secure remote access and systems administration to PCI-compliant organizations without compromising compliance. There is currently no PCI evaluation or certification process for third party applications like LogMeIn Pro. As a result, the question "Is LogMeIn Pro Compliant?" is not the right question. As noted, the valid question is "How does GoTo help organizations comply with PCI requirements?"

GoTo services are FIPS 140 certified and validated

GoTo servers utilize FIPS-validated cryptographic modules provided by Microsoft but do not force the use of cryptographic algorithms that are FIPS 140 compliant or in compliance with FIPS approved modes of operation.

GoTo does not provide cryptographic products or components; therefore GoTo itself cannot apply to receive a FIPS 140 security level rating or validation.

Redeem LastPass Premium with a LogMeIn Pro subscription

LogMeIn Pro users are no longer eligible for free LastPass Premium.

About password security in the Client app

We never keep or store or keep a copy of your passwords. All password information is encrypted to the local device and maintained by you, the end-user.

GoTo takes the security of your saved passwords very seriously. We have in place mechanisms to protect your passwords when you opt to save them in the Client.

Desktop version - Passwords are stored in the registry, encrypted with CryptoAPI.
USB/U3 version - Passwords are stored in an XML file, and encrypted in AES and RSA.

Clear saved passwords in the Client desktop app

Two types of passwords can be saved in the Client desktop app.

Account Password

To prevent automatic login on a device, you must make sure the device is not saved as a trusted device.

Open the Client and select File > Log out. The login screen is displayed.
Select LogMeIn.
Make sure you have NOT selected I trust this device. Keep me logged in.
Select Log in.

Computer Passwords

Option 1:

Open the Client and log into your account.
Right-click the computer that needs its password removed.
Select Properties.
Clear the password fields by highlighting the text with your mouse and pressing Delete.
Select OK when you are done.

Option 2:

Open the Client.
Log in.
Select the computer you want to work with.
Select the info button for that computer.
At the bottom of the computer info screen, select Forget stored credentials.

Clear stored passwords in Internet Explorer

You can delete all your stored passwords in Internet Explorer.

Important: This will remove ALL stored usernames and passwords in Internet Explorer. There is no way to remove specific site passwords in Internet Explorer.

Open Internet Explorer and select Tools at the top of the window.
Choose Internet Options.
Select the Content tab.
Under AutoComplete, select the Settings button.
Select the Delete AutoComplete History button.
Select OK in both windows and restart Internet Explorer.

Use LogMeIn Hamachi with a valid, working email address

To use LogMeIn Pro, the email address you entered when you registered for a LogMeIn Pro account must be legitimate.

If it is not, you will not be able to receive correspondence from us regarding updates to the website and software, billing issues such as a declined renewal attempt, and optional promotional offers we may send from time to time.

You will also not be able to change your LogMeIn Pro account password if you forget it.

After you create a LogMeIn Pro account, you will be prompted to confirm your email address by selecting a link inside an email from GoTo. You will not be able to purchase a subscription if you do not do this, and after a few days grace period, you will not be able to access to account functionality until you confirm.