LastPass ups security with multi-factor authentication

16 Mar, 2016

The password manager has released 2FA app to improve security for its users

LastPass has introduced a free two-factor authentication (2FA) app for use with its password manager across Android, iOS and Windows 10 Mobile, adding extra security for users.

The app, available now, can also be used across hundreds of popular apps and websites including Amazon, Dropbox, Facebook and Evernote, adding an additional security measure to the lives of general users as well as "sensitive early adopters".

Joe Siegrist, general manager and vice president of LastPass, said: "Today, multifactor authentication is far too often limited to security sensitive early adopters, and people that have to use it because IT forced them to do so. That's the driving goal behind the LastPass Authenticator: Bring the security benefits of two-factor authentication to the masses by taking the pain and friction out of the equation, creating something that people want to use.

"We see it as a great way to not only bolster the security for millions of LastPass customers, but ultimately, bring an added level of protection to virtually anyone online."

Once the LastPass Authenticator app's multifactor option is turned on and it is linked to the user's account, they will receive a push notification on their mobile or smartwatch asking them to verify access to their password vault. Alternatively, the app can send a 6-digit, 60-second code or a code via SMS.

The app will work with most leading consumer and enterprise authentication systems because it is Time-based One Time Password (TOTP) compliant.

In January, LastPass announced a new version of the app with encrypted password sharing and emergency account access. Shortly after this release, it was revealed that there was an exploit capable of bypassing two-factor authentication, with LastPass 'strengthening its defenses' in response.

Read more about