You happen to be reading an article reporting on a speech by Bill Gates on his prediction the end of the password era, and you might think this is the Founder of Microsoft discussing a new trending topic like everyone else in our business is today. The point is that, like me, you would be shocked to find out it was Mr. Gates talking about this issue in 2004 at the RSA Conference, and we are still struggling to protect users using (weak) passwords. So, is the passwordless authentication era finally coming? And are we ready to switch from the usual and reassuring user/password to something new?
The use of the password is changing for accessing any digital service or device. In the last couple of years, celebrities of the cybersecurity world have been spreading the word. Not just a word, but telling people about using biometrics and cryptographic capabilities to validate the user’s identity continuously. Passwordless Authentication. Passwordless is the approach that solves by design some of the most common account takeover threats. Weak passwords, data breach incidents, and phishing attacks. Passwords today are not secure; however, at the same time, passwordless is an exciting new opportunity to redesign the user experience for the better. Agreed, but what’s missing in the picture?
On one side, the trend for multifactor authentication for the past few years has been spreading fast and becoming a commonly accepted authentication mechanism. Helped by the media as the silver bullet for account protection, but without the broader understanding of the security benefits of multifactor authentication. In conjunction with that, biometric authentication is part of most people’s daily life. Think about fingerprint to unlock your smartphone, face recognition for payments using i.e., Apple Pay services, or passive biometrics continuous anomaly evaluation. We at XTN already advocate, provide and use such methods and solutions in our products, and we are very much on the road to being a passwordless solution provider.
On the other hand, I have recently attended many meetings with major enterprise companies where the main objection is switching costs. Yes, it can mean changing the authentication mechanism and reviewing the entire process of accessing services, investing in new technologies, forming teams that offer support, and so on.
There is a massive opportunity for companies who decide to take this step. By taking advantage of the need of digital users to have a better user experience along with higher security. The demand for more friendly and secure authentication mechanisms is building with next-generation service providers taking advantage of this opportunity. In fact, the password is already at the end of its path, from the perspective of technology evolution. Thanks to the technological advances of personal devices, new solutions can provide alternative authentication flows. Most have a mature, reliable, and robust approach, but only a few are modern, innovative, visionary, and frictionless. It’s a matter of educating enterprises and help them understand there are alternatives available and that this could be an excellent opportunity to improve their competitive advantage.
Dad, what’s a password again?
Visit here or contact us for more information: