There has been a lot of talk of a passwordless future recently, but LastPass is now actually offering passwordless logins to its users.
LastPass has now made it possible to access its service without the need for a password. Services like LastPass can be a great way to manage multiple passwords, but they still tend to require the user to have and remember a password. This can also result in security concerns and especially for a service that typically provides access to a number of different accounts.
Over the past year, there has been some movement within the tech industry towards what’s referred to as a passwordless future. In this future, passwords are simply replaced with another device the user has access to. A smartphone or smartwatch, for example. Apple, Google, and the FIDO Alliance in general have already started explaining how this future will unfold. However, LastPass is now one of those that has joined the ranks of actively offering a passwordless solution in the now.
LastPass has rolled out a passwordless way for users to access its vault, and by association, the various passwords, notes, and financial information stored within. While a master password has been required to access the vault, the new feature removes that need and allows the user to authenticate access using the LastPass app instead. For those that don’t want to enable the feature, there’s no obligation to do so, although it is a solution that’s specifically designed to improve the security of a LastPass account. The new passwordless login solution is available to LastPass Free, Premium, and Families users, in addition to LastPass Business and Teams customers.
How LastPass’ Passwordless Feature Works
Even though a password is not technically needed now, an app is. With the LastPass Authenticator app installed on a device, the user can simply fire up the app and confirm it is them trying to access the vault. In the most basic sense, the LastPass Authenticator app works the same as any other service or app where two-factor authentication is enabled and an app like Google like Authenticator is used to verify the login attempt. For reference, the master password will still act as the ultimate method of authentication. For example, it will still be needed if there are too many failed password login attempts, to register new devices, and to create a LastPass account to begin with.
Still, considering this is an extra layer of security, it is expected to make LastPass accounts, and the passwords stored within them, much safer. There are some other benefits as well. For example, it will offer the opportunity for users to make their master password even more complicated in the future. Even though this will also make it harder to remember, it will be used far less often, if ever. Not to mention, it will also make it harder for bad actors to guess and gain access to a LastPass account.
