LastPass has announced that its password manager users can now log into their private vault without a master password.
With the new system, customers will authenticate their identity through LastPass Authenticator, using biometrics or fingerprints. Support for physical security keys will be added later.
According to LastPass, this new feature makes their service the first of its kind to offer passwordless authentication.
A future without a password
Passwordless login has a number of advantages, especially in the context of password managers, which house a treasure trove of personal information and account credentials.
The main advantage is that biometrics-based authentication systems are immune to phishing, password stuffing attacks, and security risks created by password reuse (for example, breaches of passwords provided by third parties).
LastPass also predicts that the introduction of an easier way to log in (one that doesn't involve typing and retyping the same complex password) will encourage more people to adopt password managers in the first place, thereby minimizing the risk of account hacking. .
Users will initially need to set a master password when opening a new LastPass account, but the ultimate goal is to move to a fully password-based system in the future.
"On the heels of tech giants and identity providers revealing their plans to enable passwordless technology across their operating systems, web browsers, devices and apps, LastPass is pleased to be the first and only password manager to enable users to effortlessly and securely log in, manage their account credentials and get instant access to the accounts they use every day, without having to enter a password," said Chris Hoff, director of secure technology at LastPass.
"While large-scale deployment and adoption of passwordless technology is the ultimate goal of the industry, it will be years before people discover end-to-end passwordless login across all apps, but LastPass takes it before".