Log in through the extension

LastPass is best experienced through your browser extension. Install LastPass for Firefox to automatically login to sites as you browse the web.

Install LastPass Close
logo_heavy-hero_yubico-svg

Authentication

Simple, Secure Authentication with YubiKey

Reduce password-related friction by enabling passwordless login to your LastPass vault or multifactor authentication using YubiKey, a FIDO2-certified hardware key.

illustration_8col_yubikey-passwordless-login-chrome-web-vault-svg

Passwordless desktop vault access with YubiKey

LastPass now offers the flexibility to remove the master password when accessing your vault. If you enable passwordless login with YubiKey, a FIDO2-certified hardware key, you can simply and securely access your vault on trusted desktop devices without entering your master password.

The process is simple, too. All you need to do is enable passwordless login – for each trusted device – within your account settings. From there, the next time you need to access your vault, you’ll be prompted to insert your registered YubiKey into your device to log in to your vault.

How to set up a USB security key for passwordless login in LastPass


illustration_8col_white-yubikey-mfa-mobile-login-svg 

Phishing-resistant multifactor authentication for LastPass

If you’re not ready to go passwordless and want to deploy a reliable MFA solution, YubiKey is your choice. By using modern protocols such as WebAuthn and FIDO2, YubiKey makes your logins immune to attackers and phishing-related cybercrime.

YubiKey works seamlessly with LastPass Premium, Families, Teams, and Business plans. It is also available on all major browsers and across multiple platforms (iOS and Android) with the LastPass App.

How to set up YubiKey multifactor authentication

Learn more about authentication for LastPass

Solution

Passwordless authentication

Reduce the use of passwords in your business by enabling passwordless login to the vault on desktop and mobile devices.

Solution

Authentication

Explore authentication options that LastPass provides: single sign-on, multifactor authentication, adaptive authentication, workstation access, and many more.

Datasheet

Passwordless is Possible

Learn why your business should go passwordless and enable employees to login to the LastPass vault with the LastPass Authenticator app.

Leading the charge to pervasive password[less] protection

Millions

Customers secure their passwords with LastPass

trustbadgeg2topsecurity20232xpng

Best Software Awards for Best Security Product

G2

trustbadgefortresscybersecurityaward2x1png

2023 Fortress Cyber Security Award

Authentication and identity

trustbadgeg2leaderwinter20232xpng

Leader in Password Management

Based on 1,305 reviews

100,000+

Businesses choose LastPass

Get started with LastPass Business

No credit card required for trial. After the trial, Business is $7 per user/month.

Frequently asked questions

What is YubiKey?

A YubiKey is a key to your digital life. A small, physical device you plug into your computer or connect to your phone via NFC, Yubikey provides an additional layer of security to your online accounts and services by requiring a hardware key for login – a process called two-factor authentication (2FA) or multifactor authentication (MFA).

This hardware-based approach mitigates the risk of unauthorized access, making it an indispensable tool for safeguarding sensitive information in an increasingly digital world. Its security capabilities and simplicity make YubiKey a preferred choice for users prioritizing digital safety.

Millions of people worldwide trust Lastpass and Yubico to protect their online accounts. Together, they provide a solution which eliminates password fatigue and provides an easy, secure way to access passwords at home.

Learn more about the setup, compatible YubiKeys at Yubico website

Which LastPass plans support YubiKey?

  • For passwordless login: users with any LastPass plan, including Free, can use YubiKey for passwordless vault access.
  • For multifactor authentication: only users with a LastPass Premium, Families, Teams, or Business account can use YubiKey for MFA (including trial period).

Can YubiKey replace a password manager?

No. While you can store some passwords on a YubiKey device, not all websites support YubiKey authentication. Additionally, you cannot store personal information like banking information, secure notes, or personal documents and securely share them as in LastPass.

As a FIDO2-certified key, YubiKey can become your additional layer of protection to your LastPass vault through multifactor authentication (MFA). And now, it is also an option for passwordless login to access your LastPass vault.

Are there limitations to YubiKey?

  • While LastPass supports up to five (5) YubiKeys for use with your LastPass account, only the YubiKey in Slot 1 will be used for authentication when logging in to your vault when in offline mode.
  • Also, YubiKey does not support passwordless login to the vault on mobile; rather, on mobile it only supports enablement of multifactor authentication.

What is FIDO2?

FIDO2 (Fast Identity Online 2) authentication is an open authentication standard developed by the FIDO Alliance that provides a more secure and convenient way to log in to online services, including the LastPass password manager vault. LastPass, as a FIDO Alliance board-level member, helps to develop specifications and raise awareness of this technology.

FIDO2 relies on public-key cryptography, which is much more secure than traditional password-based authentication. Instead of using a password that can be easily compromised or forgotten, FIDO2 uses a private key stored securely on the user's device and a public key registered with the online service. This ensures the user's credentials remain protected even if the service's database is breached. Like the LastPass zero-knowledge model, private keys never leave the user’s device and are never stored to the server.

Learn more about FIDO2

What is phishing-resistant MFA?

Phishing-resistant MFA is an authentication process which protects your accounts against attackers as well as stopping you from revealing login information to unverified sources and websites. Phishing-resistant MFA requires a few qualities:

  • It needs to rely on a user’s identity for authentication.
  • Authentication can only ever be performed by a private key, which is usually hardware.
  • Authentication cannot be completed by someone impersonating a user or their hardware key.
  • Authentication is only approved by the user, who must initiate and authorize the login.

YubiKey is phishing-resistant because it is a FIDO2-certified hardware key which is physically used by a user to authenticate their and identity and authorize access.

Learn more about phishing-resistant MFA

Don't see your questions here? Visit Support Center.