Blog
Recent
Product Updates

How Federation Gives Employees a Passwordless Experience

LastPassDecember 18, 2019

For all the technological advances made over the years, the inefficient and insecure password has stubbornly stuck around.  

In fact, rather than fading away, passwords seem to be proliferating at an alarming rate. With dozens, if not hundreds, of credentials to manage, many employees find themselves struggling just to access the resources they need to use every day to do their work.  

Due to inherent flaws and continued misuse by employees, passwords also remain a significant security risk year after year, causing 80% of breaches. 

In short, passwords are a plague to both employees and the IT organizations that support them. With the promise of increased security, improved efficiency, and reduced IT costs, it’s no wonder so many businesses are looking for a way to go passwordless. 

The benefits of a “passwordless” experience 

The aim of going “passwordless” is just what it sounds like – getting rid of the password in favor of some other way to authenticate users. Rather than relying on a traditional username and password, passwordless authentication introduces new ways for employees to verify their identities and gain access to work resources. Ideally, the user would never have to remember or enter a password, and instead rely on easier, more secure ways of authenticating. 

The effects of going passwordless are far-reaching. Employees can more efficiently connect to resources and services, with minimal to no disruption to their workflow. Account resets, password resets, and password rotation are a thing of the past. IT resources can be freed up for other valuable work, and the risk of breach is reduced significantly as the insecurities of passwords are eliminated.  

In summary, an organization saves money, time, and resources by investing in a “passwordless” experience. 

What is federation? 

But many businesses are faced with the question: How do we best achieve a passwordless experience? 

One way businesses are already trying to go passwordlesss is through federation. Federation connects identity management systems together. The employee logs in to their organization’s identity provider. Then, when they want to access another application or service (a service provider), the identity provider validates the user.  

The user remembers one username – typically their work email address – and password combination to access the identity provider, and then are automatically connected to the appropriate work resources without the need to type any more passwords. They can seamlessly move from app to app and service to service, without login prompts or password mishaps to slow them down.  

By removing the password from the authentication process, IT admins also see increased security and efficiency. Federation also offers the benefit of automated account provisioning and revocation, and improved security by integrating with multifactor authentication to protect critical apps. 

Going passwordless with federation 

Federation, then, provides an important step in eliminating passwords. The challenge, though, is achieving a universal passwordless experience. That's where LastPass can help fill the gaps. With an integrated enterprise password manager, LastPass providers seamless login to all accounts not supported by the federated identity system.  

What’s more, the LastPass master password typically required to access and use LastPass can be eliminated through federation, so your existing identity provider can be used to authenticate to LastPass. Employees truly only have one username and password to remember – their identity provider credentials – and the rest is managed by the identity provider and LastPass combined. 

With a portfolio of federated login integrations, LastPass helps organizations achieve a passwordless experience by integrating with the identity ecosystem already in place. Employees gain a seamless login to LastPass, and by extension all the credentials and accounts securely managed by LastPass.

Learn more about LastPass