The Future is Passwordless

by

September 8, 2021

How Passwordless Authentication Can Improve Your Security and Save You Money

It sounds like a faraway dream, doesn’t it? Imagine—a passwordless future, where hackers can’t hack without credentials to steal. But thanks to new technologies in biometric and cryptographic keys, the future of passwordless authentication is now.

Is it time to jump on the passwordless bandwagon? We think so. Passwordless tech eliminates one of the biggest pain points in cybersecurity today. It’s time to consider what the best in multi-factor authentication can do for your company. Let’s take a closer look.

What Passwordless Authentication Can Do For Your Company

Password management may be a small, every day matter, but it has an outsized impact on your company. According to the latest statistics from Verizon, over 80 percent of hacking breaches come from brute force hacks (rapid fire password decoding) or from stolen credentials. Clearly, passwords represent a big part of your cybersecurity risk. And in practical terms, they represent a big part of your IT budget, too. Approximately 20 to 50 percent of all IT help desk calls have to do with password concerns, according to Security Boulevard. How much could you save your company if you eliminated passwords, altogether?

How Does Passwordless Authentication Work?

Passwordless systems are a type of multi-factor authentication that requires two things to work: a public key, and a private key. If you want to use this type of system, you’ll need a mobile app like Duo or a system app like Microsoft Hello. When you create an account in this system, it will generate a public private pair for you.

Think of your public key as the lock, and your private key as the key that opens it. Your public key can be stored in a variety of systems, like a website you wish to join, or an app you wish to use. But your private key is stored in your device–your phone or computer—usually in the form of your biometric finger print, an eye scan, PIN or voice recognition. Want to access one of those services on your device? Simply pull up your public key, and offer the fingerprint, or other private key identifier associated with the account. It’s that easy!

No more user names. No more different passwords for every site. You can access your accounts and files with a simple biometric gesture. It can be a big relief from a security standpoint, to know you can eliminate so many security threats so simply. From a useability standpoint, passwordless systems also remove one of the biggest pain points for users out there—juggling passwords and log ins for every app and website they use.

Types of Passwordless Systems

So, by now you’re probably wondering, how does passwordless differ from other types of multi-factor authentication like single sign on? Multi-factor authentication can be used through systems like Microsoft Windows 365, for instance, whether you’re working on your work device or not. Most passwordless systems are tethered to your devices for which they were issued-your work computer, or the personal/work cell phone you’ve registered on the company system.

Why is this important? Because your device uses the biometric scanners to do the “private key” portion of your signin. The private key/public key technology is different and more powerful than other signin technologies.

There are a few different kinds of passwordless authentication systems available, through Duo and Microsoft, in particular. Here is a breakdown of how Microsoft’s passwordless offerings.

Are You Ready to Go Passwordless? We Can Help!

At Integris, we specialize in helping small and medium-sized businesses get the most out of their technology. We’d love to help you work the latest passwordless authentication technology into your business. We can work together to help you create a strategic cybersecurity plan for your business, including a comprehensive cybersecurity risk assessment. Contact us for a free consultation.

If you’d like to do a little research of your own on your cybersecurity risks, we have the perfect free tool. Check out our DIY Comprehensive Cybersecurity Assessment Checklist. In just a few minutes, you can think through your cybersecurity needs, and figure out where your biggest risks are, for free! Download it now!

Susan Gosselin is a Solutions Writer for Integris. A career communicator and business journalist, she's written extensively on IT topics and trends for IT service providers like Iconic IT and ProCoders Ukraine, as well as business publications such as Technologyadvice.com, Datamation.com, The Lane Report and many others. Connect with her on LinkedIn.

Keep reading

Signs an Email is Phishing: 5 Signs of Phishing in Your Inbox

Signs an Email is Phishing: 5 Signs of Phishing in Your Inbox

For years we've read articles teaching us to identify the signs an email is phishing. We all know the signs, yet we still miss the blatant indicators and take the bait. According to Security Magazine, citing SlashNext, "The first six months of 2022 saw more than 255...

A Personal Twist on Zero Trust Security

A Personal Twist on Zero Trust Security

The massive Australian data breach in late September inspires me to share a personal twist on Zero Trust Security. What makes this incident colossal? BBC News Australia reports, "Australian telecommunications giant Optus revealed about 10 million customers - about 40%...

How Much Do Managed IT Services Cost? (Factors & Price Ranges)

How Much Do Managed IT Services Cost? (Factors & Price Ranges)

Several factors drive the cost and price ranges of managed IT services. Fees range between $100.00 to $250.00 per user per month. Factors that affect cost are headcount, the size and sophistication of your IT systems, and whether you outsource some or all of the...