Password management service LastPass has introduced passkey support for both its free and premium users, marking a significant step toward passwordless authentication. This launch comes as part of LastPass’s broader security evolution following its 2022 data breach, which prompted the company to strengthen its security infrastructure. The new feature implements passkeys, which use public and private key cryptography to provide enhanced security compared to traditional passwords. Instead of memorized passwords, passkeys rely on device-stored private keys protected by biometric authentication methods like fingerprints or facial recognition.
The passkey implementation is currently in beta phase and exclusively available through Google Chrome on desktop platforms. Users can activate the feature by accessing their LastPass account settings and enabling passkeys under the “Beta Features” section, followed by master password verification and a Chrome restart. The integration builds upon Chrome’s existing biometric security capabilities, which have already been implemented for payment authentication.
This development aligns with broader industry movements toward passwordless authentication solutions, following similar initiatives from major technology companies like Google and Microsoft’s recent announcement of passkey support for its Authenticator app. Passkeys are designed to mitigate common security vulnerabilities associated with traditional passwords, including phishing attacks and credential theft. This is particularly significant given LastPass’s own research showing that many users continue to reuse passwords despite understanding the risks.
While the feature is available across LastPass’s subscription tiers, free users face certain limitations. Free accounts are restricted to either mobile or desktop access, potentially impacting users who need to access their passkeys across multiple device types. Premium users maintain full cross-platform access capabilities, consistent with LastPass’s existing subscription model.
The implementation process requires users to manually enable the feature and is compatible with websites that have integrated passkey authentication support. The system is built on FIDO Alliance standards, which recently updated its specifications for cross-platform passkey exchange. Once activated, users can manage their passkeys through the LastPass Chrome extension, streamlining the login process while maintaining security standards.
Source: ZDNet
–
November 14, 2024 – by the ID Tech Editorial Team
Follow Us