SOLUTION

Passwordless authentication

Prioritize the user experience while protecting yourself against human-error data breaches with FIDO2-certified passwordless login to the LastPass vault.

No credit card required for trial. After the trial, LastPass Business is $7 per user/month.

illustration_left-hero_passwordless-solution-svg

Going passwordless is a no brainer

74%

of people forget and reset a password at least 1-2 times per month.

57%

of businesses have passwordless technology on their roadmap.

35%

of businesses experienced a password-related breach in the past 2 years.

illustration_6col_passwordless-browser-vault-login-biometrics-svg

Put master passwords on cruise control

Master passwords may be the private key to a user’s password vault, but every IT help desk knows that lockouts and password resets still happen. Passwordless login removes password memorization altogether.

  • icon-s-light_illustrative_brand-lastpass-authenticator-svg

    LastPass Authenticator app

    Enable passwordless login to your vault on desktop using the LastPass Authenticator app for mobile devices. Approve a push notification or certify a one-time password and you’re logged in. Available for download on iOS and Android.

  • icon-s-light_illustrative_face-id-mfa-passwordless-svg

    FIDO2-certified biometrics

    With biometric multifactor authentication (MFA), a user’s identity becomes their security key. Users can use facial recognition or fingerprint scanning to log in.

  • icon-s-light_illustrative_usb-key-flash-drive-svg

    FIDO2-certified hardware keys

    Protect yourself against brute force attacks with a FIDO2/WebAuthn hardware token like YubiKey or Feitian keys.

  • illustration_6col_passwordless-admin-enable-svg

    Set stronger security standards with less friction

  • icon-s-light_illustrative_autofill-svg

    Simplify the user login experience

    Avoid password reuse, remove password-related friction, and make it easier for employees to log in to their LastPass vault.

  • icon-s-light_illustrative_multiple-shields-svg

    Protect employee access everywhere

    Enhance access management by giving users immediate and consistent access to all the credential-based logins they need, not just those covered by single sign-on (SSO).

  • icon-s-light_illustrative_admin-dashboard-svg

    Increase user adoption rates

    A simplified user experience translates to higher adoption rates, which can help your business improve password practices and significantly reduce the risk of data breaches.

  • icon-s-light_illustrative_workstation-mfa-svg

    Secure every workstation

    Enable workstation MFA passwordless access to allow user’s access to their work-specific computers free from passwords. 

  • illustration_6col_passwordless-fido2-collage-svg

    What’s next for passwordless login?

  • icon-s-light_illustrative_passkeys-svg

    Passkeys in the LastPass vault

    Create, store, and access passkeys – cryptographic key pairs built on phishing-resistant FIDO and WebAuthn standards that replace passwords – right in your vault to provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices.

  • icon-s-light_illustrative_passwordless-svg

    Remove master passwords completely

    Experience a seamless, end-to-end passwordless experience where the master password is truly no longer required.

  • Built on a foundation of security expertise

    Millions

    Customers secure their passwords with LastPass

    trust-badge_g2-adoption-spring-2024-2x-png

    100,000+

    Businesses choose LastPass

    Learn more about passwordless

    Frequently asked questions

    What is passwordless authentication?

    Passwordless authentication is a set of solutions which secure user logins. This is a solution of passwordless access to the LastPass vault, save and autofill, single sign-on (SSO), and federated login.

    Passwordless vault access allows a user to log in to their LastPass vault without having to type in their master password, protecting users and businesses against brute-force attacks, credential stuffing, and phishing. Instead of their master password, they log in with the LastPass Authenticator app, FIDO2-certified biometrics, or a FIDO2-certified hardware key. 

    How does passwordless authentication work?

    Passwordless authentication works by verifying a user’s identity not with a master password, but a user’s attributes, whether that be a hardware key, a user’s physical identity, or a one-time password (OTP) sent to their mobile device. 

    A user logs in using a possession factor: something they own (a smartphone or hardware key) or their physical characteristics (face or fingerprint scan). 

    A user will be prompted to complete their preferred method of passwordless login when attempting to log in to their LastPass password vault. Once completed, in addition to any other MFA methods, a user is granted access. 

    Is passwordless safer than MFA?

    Passwordless login is technically safer than multifactor authentication (MFA), but how?

    MFA still involves passwords: with MFA, you enter your username and password and then complete steps of MFA, whether it’s a two-factor authentication process like a one-time password (OTP) or MFA like an OTP plus a fingerprint scan.

    So while MFA is a secure access management solution, passwordless authentication is technically safer because it doesn’t involve a password at all. Instead, a user logs in using their identity, whether it’s a device they own or their physical attributes. 

    How do I implement passwordless vault login?

    LastPass Business admins can enable and implement passwordless authentication from their LastPass Admin Console. 

    To enable passwordless authentication, admins have to first add the policy. They can do this from the Policies > General Policies section of their Admin Console. Select a New Policy then search for and select Allow passwordless login. Once set, the admin must choose to enable the policy.  

    Once enabled, admins can Edit policy users to manage, add, or remove users regarding the policy. How you go about implementing passwordless authentication is up to you and your business’s needs, whether you want certain users to complete additional contextual methods before they gain access or whether you want adaptive MFA in place for all users. 

    Read more about enabling passwordless vault policy

    Can biometric authentication be used for passwordless login?

    Yes, LastPass supports biometric authentication for a passwordless vault or workstation login. Users can use any FIDO2-certified authenticator, including Windows Hello and Apple’s Touch ID for desktop computers, as well as Face ID, Touch ID, or biometrics for mobile – Android only supports fingerprint scans at this time).

    What are magic links

    Magic links are a form of passwordless authentication. Magic links allow a user to log in by entering their email address after login, wherein the system server will send them an email with a magic link which, when clicked, grants them access to their account. While passwordless, magic links are not as safe as the methods supported by LastPass’ passwordless authentication.

    Will LastPass users still need their master passwords?

    Yes, users still need their master password. Passwordless technology is rapidly evolving, and while the goal is to remove the master password altogether, this must be accomplished in phases. For now, the master password will exist to validate security-related changes to account settings and in the case of a declined authentication attempt. Users will need their master password less frequently, so be sure to set up account recovery options so they’ll always have a backup way into their account.

    Is LastPass passwordless FIDO2 certified

    Yes. LastPass has obtained FIDO2 Server Certification, meaning it is certified by FIDO2 – after undergoing meticulous security and performance testing – to be ready for scalable deployment to market. This means LastPass provides a true passwordless login experience for customers, attained through passwordless mechanisms that include biometrics – face and fingerprint ID – and hardware security keys, like YubiKey and Feitian.

    Don't see your questions here? Visit Support Center.

    Get started with LastPass Business

    No credit card required for the trial. After the free 14-day trial, Business is $7 per user/month.