Is the future passwordless?

Eliminating login passwords can improve security and user experience, but Passwordless authentication is not a discrete technology or distinct market. By 2025, more than 50% of the workforce and more than 20% of customer authentication transactions will be Passwordless, up from less than 10% today.

Identity and access management (IAM) leaders seeking to eliminate passwords are often uncertain of what passwordless authentication should actually look like. IAM leaders are often put off by the prospect of investing in new technologies, unaware of the passwordless methods and flows available in incumbent tools – or by lack of a universal approach. Passwordless methods are widely available but aren’t yet universally adopted, meaning universal passwordless authentication remains on the horizon.

Security and risk management (SRM) leaders responsible for IAM should consider the following steps toward passwordless authentication:
 

• Identify drivers & define objectives to agree on priorities for user experience and security improvements
   
• Minimise time to value by fully exploiting capabilities of incumbent tools
   
• Prepare for universal adoption by shifting investments to tools and methods that simplify the migration path
  
   

Passwords remain common practice in user authentication but are vulnerable to many attacks, compromised passwords account for more than 60% of breaches due to hacking. MFA can significantly reduce risks, but passwords remain extremely vulnerable. With or without additional factors, passwords can be a significant source of friction and frustration for users and administrators. They can degrade user experience for both employees and customers, creating a significant volume of service desk calls. Thus, passwordless authentication methods are becoming increasingly popular.

Even though many vendors explicitly offer passwordless authentication methods, “passwordless” doesn’t specify what an authentication method is, only what it is not. The term doesn’t define a new market or a new innovation.

While IAM leaders often have a very clear idea of the need to stop using passwords, they might be less certain of which way of achieving passwordless authentication best meets their needs. Or, seduced by fashionable vendors’ marketing, they may overlook options readily available that don’t demand new investment.

If you would like to find out more about Multi-Factor Authentication and Passwordless solutions for your organisation, then please Click Here to speak to one of our specialists. Alternatively, existing customers can speak to their Nviron Account Manager.