Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

12/4/2019
10:45 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

LastPass Goes Passwordless

LastPass Identity solution now provides passwordless login experience for business customers.

BOSTON, Dec. 04, 2019 (GLOBE NEWSWIRE) -- LogMeIn Inc. (Nasdaq:LOGM) today announced the next major update to its recently released LastPass Identity solution that introduces new ways for an employee to access their work without needing to type a password. This release marks the next phase in the company’s longer-term strategy to redefine cloud identity and expand LastPass for Business into a complete identity offering.

Building on its industry-leading enterprise password management technology, LastPass Identity now delivers a complete passwordless login experience for employees across applications, VPNs and devices (PCs, Macs, Android & iOS mobile devices) through device-native biometric authentication, single sign-on and federated identity integrations, all while giving IT complete control over every access point.

When passwords are estimated to be the root cause of 80 percent of all data breaches and IT is spending approximately four hours per week on password management-related issues alone, it’s clear that passwords continue to be a source of many security risks and employee frustrations. Going passwordless with LastPass Identity introduces new ways for employees to securely log in to their work accounts and devices without a password in sight, thus eliminating many password-related risks, leading to higher security and employee productivity, while also freeing up resources for IT.

New updates designed to eliminate the need for passwords for end users include:

  • Workstation Login:Using the secure, device-native biometric authentication technology of LastPass MFA, Workstation Login enables employees to log into their PCs and Macs using only biometrics, without ever having to type a password. Eliminating the password results in an improved user experience for employees – a login that is more seamless and secure than a traditional username and password. It also enables IT to implement biometric authentication across every business-critical work device to remain confident that only the right employees are logging in. With this feature comes “Offline Mode,” which enables employees to securely authenticate their identity no matter where they are – even when they are traveling or without internet – which helps improve security and employee productivity from everywhere.
     
  • Okta & Azure AD Federation:LastPass is expanding its portfolio of federated identity integrations to give IT teams greater flexibility to integrate LastPass into existing IT ecosystems to offer employees a passwordless experience, regardless of their current identity provider. LastPass’ business solutions now support federation with Okta and Azure Active Directory in addition to Microsoft Active Directory. Organizations who use Okta, Azure AD or AD as their identity provider can now federate into LastPass so that once employees are logged into their identity provider, the LastPass Master Password is no longer needed.

“For over a decade, LastPass has made it easier for thousands of businesses and millions of users to improve their password security and safeguard their digital assets. The truth of the matter is, passwords aren’t fully going away; there are still some use cases where you have to manage passwords behind the scenes in order to provide that passwordless login experience for the user,” said John Bennett, SVP & GM of Identity & Access Management at LogMeIn. “As a leader in managing passwords, we believe we are uniquely positioned to help businesses provide the best balance of strong security and user experience. Our LastPass Identity solution does that by enabling IT to manage every password behind the scenes while also giving employees a simple, truly passwordless experience. We are committed to continuing to build on our identity and access management capabilities designed to enable businesses to simply and securely address current and emerging access and authentication challenges.”

Availability

These passwordless features are now available for all LastPass Identity customers.

For more information about LastPass Identity and how to go passwordless with LastPass, visit https://www.lastpass.com/solutions/passwordless-access.

Additional Resources

About LastPass
LastPass is an award-winning password manager helping more than 16 million users organize and protect their online lives. For more than 58,000 businesses of all sizes, LastPass provides identity and access management solutions that are easy to manage and effortless to use. From single sign-on and enterprise password management to adaptive multifactor authentication, LastPass for Business gives superior control to IT and frictionless access to users. For more information, visit https://lastpass.com.
LastPass is a trademark of LogMeIn in the U.S. and other countries.

About LogMeIn, Inc.
LogMeIn, Inc. (NASDAQ: LOGM) simplifies how people connect with each other and the world around them to drive meaningful interactions, deepen relationships, and create better outcomes for individuals and businesses. One of the world’s top 10 public SaaS companies, and a market leader in unified communications and collaboration, identity and access management, and customer engagement and support solutions, LogMeIn has millions of customers spanning virtually every country across the globe. LogMeIn is headquartered in Boston, Massachusetts with additional locations in North America, South America, Europe, Asia and Australia.

Media Contact:
Lauren Christopherson
[email protected]
617-279-2443

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/1/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Well I dont run on MacOS, so I need to take extra precautions"
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10136
PUBLISHED: 2020-06-02
Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface and lead to spoofing, access cont...
CVE-2020-13757
PUBLISHED: 2020-06-01
Python-RSA 4.0 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing exces...
CVE-2020-13758
PUBLISHED: 2020-06-01
modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.
CVE-2020-9291
PUBLISHED: 2020-06-01
An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevated privileges via exhausting the pool of temporary file names combined with a symbolic link attack.
CVE-2019-15709
PUBLISHED: 2020-06-01
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.