Password Manager LastPass today introduces a new “passwordless” method to access its desktop vault.
Previously, users had to enter their master password to unlock the company’s desktop vault (and its stored passwords). Now they can verify access through the company’s mobile app. Presumably this includes the option to use your phone’s biometric login features such as face and fingerprint unlock, although LastPass isn’t entirely clear on how this will work in practice.
LastPass characterizes this as a “passwordless” login, but it’s important to note that your master password isn’t going anywhere anytime soon. LastPass Chief Secure Technology Officer Chris Hoff says master passwords are still required to register a LastPass account, add new trusted devices, make changes to an account, or enter if a passwordless login attempt fails . But the hope is that this new approach to authentication could be a first step towards completely phasing out the master password as the industry moves towards passwordless authentication using standards such as FIDO†
“LastPass is pleased to be the first solution and only password manager that allows users to securely and effortlessly log in, manage their account information and instantly access the accounts used every day – without ever entering a password,” said Hoff of LastPass. †
Today’s announcement is aimed at desktop LastPass users, who are currently not offered biometric login options as an alternative to typing their master password. Meanwhile, the company’s apps on mobile already offer biometric login options, including fingerprint and face unlock.
The changes come a little over a year after LastPass made significant changes to its pricing structure, which severely limited the usability of the free tier. Last March, it restricted free users to only access their passwords on mobile or desktop – not both. The company behind the service has also gone through changes after previous owner GoTo (then known as LogMeIn) announced plans to turn LastPass into an independent company late last year.
LastPass’ new passwordless feature is rolling out today and will be available to all users regardless of whether they are on a free or paid tier.
Update June 6, 09:48 ET: Updated to confirm that passwordless login will be available to users of the free tier of the service.