X
search

LastPass Finally Allows Desktop Users To Bypass Master Password

Pictured: Chethan Rao
By Chethan Rao
June 07, 2022
Featured image for LastPass Finally Allows Desktop Users To Bypass Master Password

Regarded as one of the top password managers, LastPass is adding a new “passwordless” system that lets users access the desktop vault without entering the master password. This requires a mobile device with the LastPass app installed, effectively allowing users to bypass the master password.

The master password will continue to exist despite the arrival of the LastPass passwordless system

This solution leverages the users’ mobile device as an authenticator for the LastPass desktop vault. LastPass will allow the use of biometric authentication like face or fingerprint-based unlock. What’s even better is that this feature will roll out to every LastPass user and not just paying subscribers.

“LastPass is excited to be the first solution and only password manager to allow users to securely and effortlessly login, manage their account credentials and get instant access to the accounts used every day – without ever having to enter a password,” Chief Secure Technology Officer at LastPass, Chris Hoff said.

But this doesn’t necessarily mean the death of master passwords altogether. New account registrations, account changes, adding a new trusted device, or failing to authenticate using the passwordless system will require the user to type in the master password. This is a necessary security measure in case the user loses their phone. LastPass hopes to eliminate master passwords in the future and rely on newer standards like FIDO.

LastPass’ announcement is significant for desktop users as they currently don’t have biometric sign-in options. As The Verge points out, LastPass mobile apps already support biometric authentication using the onboard hardware.

Free users of LastPass can access their passwords on either the desktop or mobile app, but not both

Customers of the free version of LastPass have felt squeezed by the company since it introduced changes to its subscriptions. Free users can only access their passwords on a mobile device or the desktop, but not both.

The password manager also went through a shakeup last year as it was spun off into an independent entity. The CEO of LogMeIn (now GoTo), Bill Wagner, said the move would allow the company to “strategically increase focus, investment, and support in LastPass.”

  翻译: