Save time with unbiased, independent feedback on vendor solutions.
Watch weekly bite-sized webinars hosted by IANS Faculty.
Traditional password authentication presents a host of increasing security risks for organizations of all sizes. As a result, a growing number of organizations are considering passwordless authentication as a more secure, and user-friendly, alternative.
This piece provides guidance to determine whether passwordless is right for your organization and offers best practices to help get started.
To help make a business case for a transition to passwordless authentication it’s helpful to understand common password problems.
Almost every application shared by two or more users must identify its users when they establish a login session. Users normally claim an identity, e.g., by typing a login ID. Unless the application represents near-zero business risk, the application
must then verify that the claimed identity really belongs to the person attempting session initiation. This verification is called authentication and there are many ways to do it, passwords being the primary method for most organizations. Passwords
have many well-known problems, including:
Passwordless authentication relies on user possession factors (a mobile device) and physical factors (a fingerprint or other biometric input). With multiple factors of authentication, it becomes
more difficult for attackers to gain access into systems.
Before getting started with passwordless authentication, consider whether or not it is a good fit for your security strategy. Common issues faced by organizations moving to passwordless include:
READ: How to Drive SSO Adoption at Your Organization
You will need a few tools to get passwordless authentication working:
Passwordless rollouts are always complex. To avoid some of the biggest issues:
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.
September 26, 2023
By IANS Faculty
Access key data sets from the 2023 edition of IANS and Artico Search’s Security Budget Benchmark Report. Gain valuable insights on security budget increases and the drivers behind them.
September 21, 2023
Learn why CISOs Need D&O Liability Insurance Coverage now more than ever along with guidance to help minimize potential cyber liability risk.
September 19, 2023
Discover the diversity of IANS Faculty's real-world expertise. Learn how our faculty members can help you solve your most challenging security issues.