Passwordless login - Not decrypt

Feature name

  • Passwordless account login

Feature function

  • What will this feature do differently?
    • Web specific - stretch goal
      • Access to the account without access to the vault
        • Gives the ability to do basic web-only account management without having to enter the vault password into the web browser
    • All
      • 2FA first
        • If the account is locked down with only passwordless options, any attempts to log in with user+pass will fail even if the password is correct.
      • Vault unlock with password is prompted after login
  • What benefits will this feature bring?
    • Attackers cannot check if the password is correct even if they don’t have 2FA
    • Account management is decoupled from vault access - stretch goal
      • Updating payment, etc
    • Protects against phishing
      • Passwordless will fail before ever prompting for the master password
    • Account will have the additional protection of the FIDO device’s PIN
    • Further promotes users to use enhanced security practices
      • Raises awareness
      • Helps educate and train
      • Looks good for a security product to be promoting best practices
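The "2FA first" behaviour requested above, sketched as an added example that is not part of the original post or any product's code: a password-path login check that returns the same failure for a passwordless-only account whether or not the password is correct. The account store, the `passwordless_only` flag, the function names and the PBKDF2 parameters are all assumptions made for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# One response for every password-path failure, so the reply never
# reveals whether the password itself was right.
GENERIC_FAILURE = "invalid credentials"


@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    passwordless_only: bool  # hypothetical per-account policy flag


def _kdf(password: str, salt: bytes) -> bytes:
    # PBKDF2 is a stand-in here for whatever KDF the service really uses.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_account(password: str, passwordless_only: bool) -> Account:
    salt = os.urandom(16)
    return Account(salt, _kdf(password, salt), passwordless_only)


# Constructed sample accounts.
ACCOUNTS = {
    "alice@example.test": make_account("correct horse", passwordless_only=True),
    "bob@example.test": make_account("hunter2-long", passwordless_only=False),
}
_DUMMY = make_account("unused", passwordless_only=False)


def password_login(user: str, password: str) -> tuple[bool, str]:
    """Handle a user+pass attempt; FIDO login would be a separate path."""
    acct = ACCOUNTS.get(user)
    target = acct if acct is not None else _DUMMY
    # Always derive and compare, so an unknown user, a passwordless-only
    # account and a wrong password all do the same amount of work.
    matches = hmac.compare_digest(_kdf(password, target.salt), target.pw_hash)
    if acct is None or acct.passwordless_only or not matches:
        return (False, GENERIC_FAILURE)
    return (True, "logged in")
```

With this ordering, someone holding a leaked or phished password for a passwordless-only account gets the same answer as someone guessing at random.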