LastPass introduces passkey support for safer, faster, and passwordless sign-ins

LastPass users can now create, store, and manage passkeys directly within their vaults, streamlining the sign-in process across apps and websites. These passkeys live alongside existing passwords, ensuring they are always private and accessible within the user's secure LastPass environment.

Passkeys rely on a unique public and private key pair for each website. The public key is stored by the website, while your device securely holds the private key. To authenticate, users simply use a fingerprint, facial recognition, or device PIN, removing the need to type passwords during login. This approach means that passkeys cannot be guessed, stolen, or reused, making them inherently resilient against phishing, credential stuffing, and other remote cyberattacks.

For organizations, LastPass administrators can activate passkey support through an admin policy. This enables employees to benefit from secure, seamless logins without the risk of storing private keys on company servers. Public keys remain tied to each website or app, while private keys stay protected within LastPass, helping businesses reduce exposure to server-based threats.