SOLUTION

Passwordless authentication

Prioritize the user experience while protecting yourself against human-error data breaches with FIDO2-certified passwordless login to the LastPass vault.

Try Business Max Free

Request demo

No credit card required for trial. After the trial, LastPass Business is $7 per user/month.

illustration_left-hero_passwordless-solution-svg

Going passwordless is a no brainer

74%

of people forget and reset a password at least 1-2 times per month.

57%

of businesses have passwordless technology on their roadmap.

35%

of businesses experienced a password-related breach in the past 2 years.

illustration_6col_passwordless-browser-vault-login-biometrics-svg

Put master passwords on cruise control

Master passwords may be the private key to a user’s password vault, but every IT help desk knows that lockouts and password resets still happen. Passwordless login removes password memorization altogether.

icon-s-light_illustrative_brand-lastpass-authenticator-svg

LastPass Authenticator app

Enable passwordless login to your vault on desktop using the LastPass Authenticator app for mobile devices. Approve a push notification or certify a one-time password and you’re logged in. Available for download on iOS and Android.

icon-s-light_illustrative_face-id-mfa-passwordless-svg

FIDO2-certified biometrics

With biometric multifactor authentication (MFA), a user’s identity becomes their security key. Users can use facial recognition or fingerprint scanning to log in.

icon-s-light_illustrative_usb-key-flash-drive-svg

FIDO2-certified hardware keys

Protect yourself against brute force attacks with a FIDO2/WebAuthn hardware token like YubiKey or Feitian keys.

Learn about passwordless vault login

illustration_6col_passwordless-admin-enable-svg

Set stronger security standards with less friction

Simplify the user login experience

Avoid password reuse, remove password-related friction, and make it easier for employees to log in to their LastPass vault.

icon-s-light_illustrative_multiple-shields-svg

Protect employee access everywhere

Enhance access management by giving users immediate and consistent access to all the credential-based logins they need, not just those covered by single sign-on (SSO).

icon-s-light_illustrative_admin-dashboard-svg

Increase user adoption rates

A simplified user experience translates to higher adoption rates, which can help your business improve password practices and significantly reduce the risk of data breaches.

icon-s-light_illustrative_workstation-mfa-svg

Secure every workstation

Enable workstation MFA passwordless access to allow user’s access to their work-specific computers free from passwords.

Try free for 14 days Request a Demo

illustration_6col_passwordless-fido2-collage-svg

What’s next for passwordless login?

Passkeys in the LastPass vault

Create, store, and access passkeys – cryptographic key pairs built on phishing-resistant FIDO and WebAuthn standards that replace passwords – right in your vault to provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices.

icon-s-light_illustrative_passwordless-svg

Remove master passwords completely

Experience a seamless, end-to-end passwordless experience where the master password is truly no longer required.

Built on a foundation of security expertise

Millions

Customers secure their passwords with LastPass

100,000+

Businesses choose LastPass

Learn more about passwordless

eBook

Limitations of MFA & SSO: our passwordless future

Download the eBook

Infographic

LastPass + FIDO Alliance: embracing the passwordless future

Explore the infographic

Webinar

Passwordless security Q&A with FIDO alliance

Watch on-demand

View all resources

Frequently asked questions

Passwordless authentication is a set of solutions which secure user logins. This is a solution of passwordless access to the LastPass vault, save and autofill, single sign-on (SSO), and federated login.

Passwordless vault access allows a user to log in to their LastPass vault without having to type in their master password, protecting users and businesses against brute-force attacks, credential stuffing, and phishing. Instead of their master password, they log in with the LastPass Authenticator app, FIDO2-certified biometrics, or a FIDO2-certified hardware key.

Passwordless authentication works by verifying a user’s identity not with a master password, but a user’s attributes, whether that be a hardware key, a user’s physical identity, or a one-time password (OTP) sent to their mobile device.

A user logs in using a possession factor: something they own (a smartphone or hardware key) or their physical characteristics (face or fingerprint scan).

A user will be prompted to complete their preferred method of passwordless login when attempting to log in to their LastPass password vault. Once completed, in addition to any other MFA methods, a user is granted access.

Passwordless login is technically safer than multifactor authentication (MFA), but how?

MFA still involves passwords: with MFA, you enter your username and password and then complete steps of MFA, whether it’s a two-factor authentication process like a one-time password (OTP) or MFA like an OTP plus a fingerprint scan.

So while MFA is a secure access management solution, passwordless authentication is technically safer because it doesn’t involve a password at all. Instead, a user logs in using their identity, whether it’s a device they own or their physical attributes.

LastPass Business admins can enable and implement passwordless authentication from their LastPass Admin Console.

To enable passwordless authentication, admins have to first add the policy. They can do this from the Policies > General Policies section of their Admin Console. Select a New Policy then search for and select Allow passwordless login. Once set, the admin must choose to enable the policy.

Once enabled, admins can Edit policy users to manage, add, or remove users regarding the policy. How you go about implementing passwordless authentication is up to you and your business’s needs, whether you want certain users to complete additional contextual methods before they gain access or whether you want adaptive MFA in place for all users.

Yes, LastPass supports biometric authentication for a passwordless vault or workstation login. Users can use any FIDO2-certified authenticator, including Windows Hello and Apple’s Touch ID for desktop computers, as well as Face ID, Touch ID, or biometrics for mobile – Android only supports fingerprint scans at this time).

Magic links are a form of passwordless authentication. Magic links allow a user to log in by entering their email address after login, wherein the system server will send them an email with a magic link which, when clicked, grants them access to their account. While passwordless, magic links are not as safe as the methods supported by LastPass’ passwordless authentication.

Yes, users still need their master password. Passwordless technology is rapidly evolving, and while the goal is to remove the master password altogether, this must be accomplished in phases. For now, the master password will exist to validate security-related changes to account settings and in the case of a declined authentication attempt. Users will need their master password less frequently, so be sure to set up account recovery options so they’ll always have a backup way into their account.

Yes. LastPass has obtained FIDO2 Server Certification, meaning it is certified by FIDO2 – after undergoing meticulous security and performance testing – to be ready for scalable deployment to market. This means LastPass provides a true passwordless login experience for customers, attained through passwordless mechanisms that include biometrics – face and fingerprint ID – and hardware security keys, like YubiKey and Feitian.

Don't see your questions here? Visit Support Center.

Get started with LastPass for Business

Try LastPass free Contact sales

No credit card required for the 14-day trial.