Desktop LastPass users will now be able to log in using the LastPass Authenticator app rather than having to type their master password. It’s part of the industry’s attempt to ditch passwords and move toward a passwordless future. Password manager LastPass is rolling out a new “passwordless” method to access its desktop vault today. Previously, users had to type in their master password to unlock the company’s desktop vault (and its stored passwords). Now, they’ll be
Previously, users had to type in their master password to unlock the company’s desktop vault (and its stored passwords). Now, they’ll be able to authenticate access via the company’s mobile app. This will include the option to use your phone’s biometric login features, like face and fingerprint unlock.
LastPass is characterizing this as a “passwordless” login, but it’s important to note that your master password isn’t going anywhere anytime soon. LastPass’ chief secure technology officer Chris Hoff says master passwords will still be necessary to register a LastPass account, add new trusted devices, make changes to an account, or type in if a passwordless login attempt fails. But the hope is that this new authentication approach can be a first step toward phasing out the master password entirely, as the industry moves toward passwordless authentication using standards such as FIDO.
“LastPass is excited to be the first solution and only password manager to allow users to securely and effortlessly login, manage their account credentials and get instant access to the accounts used every day — without ever having to enter a password,” said LastPass’ Hoff.
Today’s announcement is focused on desktop LastPass users, who currently aren’t offered any biometric login options as an alternative to typing in their master password. Meanwhile, on mobile, the company’s apps already offer biometric login options including fingerprint and face unlock.
The changes come a little over a year after LastPass made significant changes to its pricing structure, which vastly restricted the usability of its free tier. Last March, it restricted free users to only being able to access their passwords on mobile or desktop — not both. The company behind the service has also gone through changes after previous owner GoTo (then known as LogMeIn) announced plans to spin LastPass out into an independent company late last year.
LastPass’ new passwordless feature is rolling out from today and will be available to all users, regardless of whether they’re on a free or paid tier.
Update June 6th, 10:18AM ET: Updated to confirm that passwordless login will be available to users of the service’s free tier, and that the app can be protected with biometric security.LastPass’ mobile app offers access to your desktop vault without a master password View Story