The Future is Passwordless

by

September 8, 2021

It sounds like a faraway dream, doesn’t it? Imagine—a passwordless future, where hackers can’t hack without credentials to steal. But thanks to new technologies in biometric and cryptographic keys, the future of passwordless authentication is now.

Is it time to jump on the passwordless bandwagon? We think so. Passwordless tech eliminates one of the biggest pain points in cybersecurity today. It’s time to consider what the best in multi-factor authentication can do for your company. Let’s take a closer look.

 

What Passwordless Authentication Can Do For Your Company

Password management may be a small, every day matter, but it has an outsized impact on your company. According to the latest statistics from Verizon, over 80 percent of hacking breaches come from brute force hacks (rapid fire password decoding) or from stolen credentials. Clearly, passwords represent a big part of your cybersecurity risk. And in practical terms, they represent a big part of your IT budget, too. Approximately 20 to 50 percent of all IT help desk calls have to do with password concerns, according to Security Boulevard. How much could you save your company if you eliminated passwords, altogether?

 

How Does Passwordless Authentication Work?

Passwordless systems are a type of multi-factor authentication that requires two things to work: a public key, and a private key. If you want to use this type of system, you’ll need a mobile app like Duo or a system app like Microsoft Hello. When you create an account in this system, it will generate a public private pair for you.

Think of your public key as the lock, and your private key as the key that opens it. Your public key can be stored in a variety of systems, like a website you wish to join, or an app you wish to use. But your private key is stored in your device–your phone or computer—usually in the form of your biometric finger print, an eye scan, PIN or voice recognition. Want to access one of those services on your device? Simply pull up your public key, and offer the fingerprint, or other private key identifier associated with the account. It’s that easy!

No more user names. No more different passwords for every site. You can access your accounts and files with a simple biometric gesture. It can be a big relief from a security standpoint, to know you can eliminate so many security threats so simply. From a usability standpoint, passwordless systems also remove one of the biggest pain points for users out there—juggling passwords and log ins for every app and website they use.

 

Types of Passwordless Systems

So, by now you’re probably wondering, how does passwordless differ from other types of multi-factor authentication like single sign on? Multi-factor authentication can be used through systems like Microsoft Windows 365, for instance, whether you’re working on your work device or not. Most passwordless systems are tethered to your devices for which they were issued-your work computer, or the personal/work cell phone you’ve registered on the company system.

Why is this important? Because your device uses the biometric scanners to do the “private key” portion of your sign in. The private key/public key technology is different and more powerful than other sign in technologies.

There are a few different kinds of passwordless authentication systems available, through Duo and Microsoft, in particular. Here is a breakdown of how Microsoft’s passwordless offerings.

 

Are You Ready to Go Passwordless? We Can Help!

At Integris, we specialize in helping small and medium-sized businesses get the most out of their technology. We’d love to help you work the latest passwordless authentication technology into your business. We can work together to help you create a strategic cybersecurity plan for your business, including a comprehensive cybersecurity risk assessment. Contact us for a free consultation.

If you’d like to do a little research of your own on your cybersecurity risks, we have the perfect free tool. Check out our DIY Comprehensive Cybersecurity Assessment Checklist. In just a few minutes, you can think through your cybersecurity needs, and figure out where your biggest risks are, for free! Download it now!

Susan Gosselin is a Senior Content Writer for Integris. A career communicator and business journalist, she's written extensively on IT topics and trends for IT service providers like Iconic IT and ProCoders Ukraine, as well as business publications such as Technologyadvice.com, Datamation.com, The Lane Report and many others. Connect with her on LinkedIn.

Keep reading

The Password is Dead: Introducing MFA

The Password is Dead: Introducing MFA

As luck would have it, “password12345” just isn’t cutting it for account security anymore. The password is dead: more and more headlines are using this phrase to describe severe security issues with the average password. It’s true that bigger and bolder hacks have...

Nine Rules For Strong Password Creation

Nine Rules For Strong Password Creation

Do your employees know how to create a strong password? Is authentication management a priority at your company? If you're answering no to either question, you could be placing your organization at serious risk. Why? Because guessing employee logins is one of the key...

Zero-Trust Architecture: What is it and why should you care?

Zero-Trust Architecture: What is it and why should you care?

If you're like most people, the thought of your sensitive business data being stolen by some creep (that probably spends their entire day in pajama pants covered in Cheeto crumbs) is both infuriating and panic-inducing. You've got two choices: 1. You can either go to...