Our Blog - Enablis

Can an organisation truly be passwordless? The answer is yes. - Enablis

Written by Enablis | 03/10/2019 4:00:00 AM

Can an organisation truly be passwordless? The answer is yes.

Let’s face it, we’re all sick of passwords. But can an organisation truly be passwordless? The answer is YES. But what exactly is passwordless?

At a basic level, passwordless authentication is any method of verifying a user without requiring the user to provide a password. Proving the user’s identity can instead be done using an alternative factor like a proof of possession factor (mobile authenticator apps, hardware token, one-time OTP), biometrics, or—in less than ideal cases—a knowledge factor (PIN, passphrase, etc).

The benefits of going passwordless

Passwordless authentication has gained traction because of its significant benefits in security and usability, including:

  • Threat-resistant login options: Because there are no passwords to type, the likelihood of being phished is reduced.
  • Visibility and control for admins: Passwords are reused, phished, and stolen. When implementing passwordless authentication, admins control the security of their org and gain visibility into the specific factors in use per user.
  • Scalability: Delivering a passwordless experience through factors that end users already possess, such as their mobile device or laptop means easier scalability for users within your workforce and customer-base.
  • Lower total cost of ownership: Passwords require constant monitoring and maintenance. Eliminating passwords and allowing end users to recover their own accounts using factors they have enrolled in helps to reduce support ticket numbers.
  • A great user experience: Users no longer need to remember and update complex password combinations just to be productive.

How can an organisation go passwordless?

There are a number of different methods in which passwordless can be delivered. Enablis works with a market-leading vendor, Okta, who can deliver, or will soon deliver:

  1. Factor sequencing (early access) – users can use their secondary factor as their primary eg. username + SMS OTP
  2. WebAuthn (early access) – WebAuthn is the new global standard of web based authentication. By combining WebAuthn with the factor sequencing capability mentioned above, users can authenticate to your apps using biometric factors that support WebAuthn, without entering a password.
  3. Email magic link (beta) –  users enter their email address into your application, and instead of entering a password, the Email Magic Link is delivered to their inbox to facilitate a passwordless login process.
  4. Desktop SSO (generally available) – users log into their Windows or MacOS machine with their Active Directory credentials, which automatically logs them into Okta-managed apps.
  5. Smart Card / PIV Card (early access) – users log into Okta with a PIV card or other smart card, therefore bypassing any password requirement.

Aside from the myriad benefits of going passwordless, it goes without saying that the end goal is to protect the data within your organisation. As threats continue to evolve, eliminating any weakness within your security posture is critical. To find out more about Enablis’ security offering, click here. We work with Gartner magic quadrant leading vendors to provide an holistic solution that protects every aspect of your organisation’s data.

If you’d like to have an obligation-free chat, fill out the form below and we’ll be in touch within 24 hours.

 

Original articles from Okta can be found here and here.