A passwordless future?

richardmeek
Categories: Business

Passwords have been a staple security feature for digital operations for as long as the internet has been around. ‘I forgot my password’ has become synonymous with frustration and time-consuming administration as the growing number of passwords required, exceeds the average users memory.

For those that have a sufficient level of knowledge and discipline, password managers consolidate all passwords in to one secure place, that are accessed via an app on your phone, tablet or computer. However, with the average person now having 70-80 passwords, for many having the same password for multiple logins and using memorable information such as pet or road names, is still commonplace. This explains why the most common password is still ‘123456’. Weak passwords are shown to be the entry point for most hacks, with over 18 billion taking place every year.

Multi-factor authentication has improved security, regardless of the complexity of a password, but it has come at the cost of convenience. For passwords, it may seem like security and convenience are mutually exclusive terms, but with the advent of passwordless authentication both are now possible.

As of September 2021, Microsoft has announced that passwordless sign in is now generally available for commercial users, meaning businesses of all sizes can utilise this new feature.

You can now completely remove the password from your Microsoft account by using the Microsoft Authenticator app, Windows Hello, a security key, or a verification code which is sent to your phone or email to sign into your apps and services.

FIDO (Fast IDentity Online) Alliance provides the security key, or validation code, to reduce the use of traditional passwords as the main form of authentication. FIDO2 security keys are unphishable and come in many form factors, allowing the user to sign into resources without a username or password, using an external security key. This option is similar to how a key works for a house or car, where you must physically have the security key to gain access to a system or resource.

Passwordless authentication streamlines user experience whilst greatly increasing security. With multiple options for simple integration, make forgotten passwords a thing of the past.

See more information on our security solutions here