LastPass improves passwordless logins with FIDO2 authenticator support for desktops
Lastpass, maker of the password management service of the same name, announced today that customers may now use FIDO2 compatible authenticators on desktop devices for passwordless logins to their vaults.
The new feature is available for all customers, including free users, premium users, families and also business customers.
Up until now, LastPass customers had to use the LastPass Authenticator application on desktop devices for passwordless sign-ins. The company launched biometric authentication support for passwordless logins on mobile, but not on desktop; this changes with today's announcement that FIDO2 compatible authenticators may now be used on desktop devices.
Customers who use the LastPass Authenticator application to sign-in to their vaults may continue using so, as nothing changes on that front. There is the possibility to switch to using a different authenticator now, and customers who never enabled passwordless login support for their account may select either of the available options, if they want to set up passwordless authentication for their account.
FIDO2 compatible authenticators include biometric sign-in options provided by the operating system, e.g., Windows Hello on Windows devices, and also compatible hardware keys, such as Yubikey. How users authenticate the sign-in depends on the selected method. It may happen via a scan of their face or fingerprint, approving a push notification, or verifying the login via a hardware key.
Passwordless is a new form of authentication that is designed to replace passwords entirely in the future. The main idea behind the authentication standard is create secure keys locally on devices and use these for authentication. Instead of having to type passwords to submit their hashes to sites, which need to have the hashes stored to verify login attempts, nothing critical needs to be stored by the sites. While some data needs to be stored, this data alone is worthless. Passwordless eliminates phishing threats, certain network spying attempts and more.
LastPass has created and published a short introductory video:
LastPass customers have three options now when it comes to passwordless sign-ins: use the LastPass Authenticator app, use a FIDO2 compatible system that uses biometrics, or use a FIDO2 compatible hardware key.
Some of the company's applications and extensions may not support FIDO2 yet, judging from this paragraph of the announcement: "With FIDO2 Authenticators, LastPass Free, Premium, Families, Teams and Business customers will have more options when it comes to setting up passwordless login to the vault on desktop browsers and Chrome and Firefox extensions, Safari browser extension and desktop application support is coming soon."
Existing users may check out the following support page for guidelines on enabling passwordless authentication for their account.
Now You: does your password manager support passwordless authentication??Advertisement