LastPass is now enabling passwordless logins for people using its LastPass Authenticator. The Authenticator lets people to gain access to all of the credentials stored in their LastPass Vault, and will now allow people to log in with face or fingerprint biometrics instead of a master password.
LastPass plans to supplement those biometric options with support for physical security keys before the end of the year. Both the biometric and hardware token utilities are based on the FIDO authentication standard, with the current version of Authenticator arriving just over a year and a half after LastPass took a position on the FIDO Alliance Board of Directors.
According to LastPass, the new features are being rolled out to help transition people away from password-based security. The company noted that passwords are more vulnerable than other authentication options, and that even many Single Sign-on solutions do not provide comprehensive coverage for every password that employees will need to use at the office.
LastPass, on the other hand, allows people to store all of their credentials in a consolidated location, and then secures that vault with strong passwordless authentication. People will still need to create a master password (at least for now), but they will not need to use it for each login and can therefore choose a stronger password that is more difficult to key in.
Passwordless authentication also reduces IT costs for organizations that will no longer need to deal with as many password reset requests. LastPass is hoping to fully eliminate the need for a master password at some point in the future.
“While broad implementation and adoption of passwordless is the industry’s ultimate goal, it will likely take years before people experience an end-to-end passwordless login across all applications,” said LastPass Chief Secure Technology Officer Chris Hoff. “LastPass helps get you there sooner.”
“Authentication is a critical component of any zero-trust architecture and bringing that to users at scale is how businesses can enable greater security and enhanced user experience,” added FIDO Alliance Executive Director and CMO Andrew Shikiar.
LastPass has been pushing multi-factor and passwordless authentication options since as far back as 2019. The company previously reported that many people failed to improve their security setups when they switched to remote work during the COVID-19 pandemic.