Cybersecurity is in an intriguing period now. There are talks of passwordless access — a digital revolution that will eliminate the need for simple passwords. It is not difficult to comprehend why passwordless authentication is gaining popularity. Passwords are a significant security flaw and a pivotal contributor to data leaks. Although it is not yet possible to completely do away with passwords, there are passwordless authentication techniques that businesses can adopt right now to reduce their reliance on passwords and limit the usage of credentials as an attack vector. This article at InformationWeek by Nathan Eddy discusses the future of passwordless access.
Leading The Way to Passwordless Access
Microsoft, Apple, and Google jointly announced their intention to begin supporting FIDO (Fast Identity Online) passkey authentication across all their browsers, platforms, and operating systems by the end of 2022. However, the complexity of these challenges makes them difficult for business users to handle them.
“The advantage of eliminating passwords is the reduction of password-related attacks on the services which support the technology,” claims Darren Guccione, CEO and co-founder at Keeper Security.
As biometrics and mobile app authentication become easier to use and activate, they are becoming more popular alternatives to passwords.
Privileged Access in Passwordless Access
Joseph Carson, Delinea’s chief security scientist and advisory chief information security officer says many of these systems still require passwords. For instance, when a device is restarted, the password is used as a recovery key, backup key, or pin.
Privilege access management tools and password managers are frequently used to secure privileged passwords, preventing unauthorized access to confidential accounts. He claims the principle of least privilege is upheld since this ensures that the proper security measures are necessary before access is provided. And when access is no longer required, it is revoked.
Furthermore, the author speaks about preparing for a passwordless access world and the challenges of passwordless settings in hybrid work environments.
To read the original article, click on https://www.informationweek.com/security-and-risk-strategy/preparing-for-the-post-password-world