FIDO2 server certification provides assurance that LastPass servers adhere to globally recognized FIDO specifications and requirements
LastPass, a leader in password and identity management solutions, announced it has achieved FIDO2 certification of its servers, making it the first password manager to achieve this certification. FIDO’s certification process, conducted by FIDO auditors, reviewed, validated, and officially confirmed that LastPass’ servers meet the FIDO2 standards. Customers can have peace of mind knowing that using FIDO2 authenticators for their login to LastPass provides for a more secure and accredited authentication to their vault.
“By eliminating the requirement for a knowledge-based credential in favor of phishing-resistant FIDO2 authenticators, LastPass has taken an important step to provide simpler and more secure access to LastPass vaults – accelerating their customers’ journey towards a password-independent future.”
FIDO2 certification sets the industry standard for cryptographic logins through best-of-breed authentication specifications to leverage common devices like hardware keys, software keys, biometrics, and passkeys to authenticate into online services, ultimately creating an identity proof solution that is proven to adhere to globally recognized requirements.
Recommended AI News: 4DDiG Data Recovery V10: Enhanced User Interface and Advanced Video Recovery Features
FIDO2 certification is the latest milestone in LastPass’ passwordless journey:
- LastPass has been embracing a future without passwords since 2022, when it became the first password manager to provide a passwordless login experience to the vault with the LastPass Authenticator App.
- In August 2023, LastPass expanded passwordless login options to include FIDO2 authenticators, including biometrics, such as fingerprint or face ID, and hardware keys to passwordless login to the vault.
Flexibility in choosing secure passwordless authenticators
Though the master password still exists in the background as it will still be needed for certain account actions, customers who enable passwordless login can now access their LastPass vault on trusted devices without having to type in their master password. Customers can choose to authenticate and login using the LastPass Authenticator app or FIDO2 authenticators, including biometrics (e.g., Touch ID or Windows Hello) or hardware keys (e.g., YubiKey or Fietian Key). Depending which option is chosen, logging into the LastPass vault becomes as simple as approving a push notification, scanning your face or fingerprint, or inserting a hardware key.
Recommended AI News: TextQL Raises $4.1 Million in Funding to Use AI to Automate the Data Science Lifecycle
“Our customers will realize a more simplified login experience with greater authentication choices – contributing to better password hygiene, higher adoption, less time and money wasted on resolving lockouts, and a stronger overall security posture,” said Don MacLennan, chief product officer at LastPass. “Meeting the FIDO2 certification standard means customers can confidently trust that LastPass provides strict and secure authentication options to access their vault, as validated and certified by the FIDO Alliance. LastPass is proud to continue leading the charge towards a passwordless future, offering even greater security and authority in our passwordless offering.”
“Reducing reliance on passwords has become crucial and is a core tenet of the FIDO Alliance’s mission,” said Andrew Shikiar, executive director and CMO of the FIDO Alliance. “By eliminating the requirement for a knowledge-based credential in favor of phishing-resistant FIDO2 authenticators, LastPass has taken an important step to provide simpler and more secure access to LastPass vaults – accelerating their customers’ journey towards a password-independent future.”
Recommended AI News: Coupa Appoints Dean Bain to Lead Supply Chain Strategy and Go-to-Market
[To share your insights with us as part of editorial or sponsored content, please write to sghosh@martechseries.com]
Comments are closed.