The Security and User Experience Benefits of Going Passwordless

06 Sep 2023

Why Passwords Must Go

Let’s chat about something we all love to hate - passwords. Ugh, right? Remembering them, entering them, getting them wrong, resetting them… it’s a never-ending cycle of frustration. But what if I told you there’s a better way? A world where you don’t have to remember a jumble of letters, numbers, and special characters just to check your email, and, even better, a world where users don’t waste over 50% of your helpdesk time with password resets. Sounds like a dream, doesn’t it? Well, pinch yourself, because it’s real and it’s fabulous. It’s called passwordless authentication, and it’s about to rock your world.

Going Passwordless - No More Passwords, No More Phishing

Let’s start with the coolest part – unphishable credentials. You know phishing, right? Those sneaky attacks where cyber baddies trick you into giving up your passwords. Well, with passwordless authentication, there are no passwords to steal! To log in, you use something you have, like your phone or a security key, together with something you know, such as a PIN, or something you are, like your fingerprint or face. That means there is no way a hacker can trick you into giving them your hardware key, and even if they create a fake phishing site, this technology is smart enough to prevent you from logging in. Two of the coolest technologies making this happen are Azure Certificate-Based Authentication (CBA) and FIDO2.

Azure CBA

Azure CBA is Azure’s response to smartcard authentication being too hard. This feature of Azure Active Directory (Azure AD) lets you log in using a client certificate. Azure AD gives your device a token, and your device uses it to log you in. This removes the complicated setup that was required before with ADFS Servers, MIM CM, ADCS, Domain Controllers, HSMs, CRL servers, and more.

[Figure: Smart card infrastructure before and after ezsmartcard and Azure CBA]


FIDO2

FIDO2 is another response to old-school smartcard setups being too hard to manage. This amazing open standard lets you log into online services without a password. You can use your biometrics, mobile device, or a FIDO security key instead. It was developed by some really smart people at the World Wide Web Consortium (W3C) and the FIDO Alliance (as a FIDO member we might be a bit biased).
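Why a fake site cannot complete a FIDO2 login, shown as an added example (not code from this article or from any vendor): the origin-binding checks a relying party runs on a WebAuthn assertion, with constructed values for `RP_ID`, `RP_ORIGIN` and the look-alike host. Signature verification is left out; the authenticator signs these fields, so a relay cannot rewrite them.

```python
import base64, hashlib, json, secrets

# Assumed relying-party values for this example (constructed, not from the article).
RP_ID = "login.example.com"
RP_ORIGIN = "https://login.example.com"

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def browser_client_data(origin_seen: str, challenge: bytes) -> bytes:
    """clientDataJSON: the browser, not the page, writes the origin it is really on."""
    return json.dumps({"type": "webauthn.get", "challenge": b64url(challenge),
                       "origin": origin_seen}).encode()

def authenticator_data(rp_id: str, user_present: bool = True) -> bytes:
    """Fixed 37-byte prefix: rpIdHash (32) | flags (1) | signCount (4)."""
    flags = 0x01 if user_present else 0x00
    return hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + (1).to_bytes(4, "big")

def verify_origin_binding(client_data_json: bytes, auth_data: bytes, expected: bytes) -> str:
    """Relying-party side: return 'ok' or the reason the assertion is rejected."""
    client = json.loads(client_data_json)
    if client.get("type") != "webauthn.get":
        return "wrong ceremony type"
    if client.get("challenge") != b64url(expected):
        return "challenge mismatch"
    if client.get("origin") != RP_ORIGIN:
        return "origin mismatch"
    if len(auth_data) < 37:
        return "authenticator data too short"
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return "rpIdHash mismatch"
    if not auth_data[32] & 0x01:
        return "user not present"
    return "ok"

def demo() -> dict:
    challenge = secrets.token_bytes(32)  # issued by the real site for this login
    genuine = verify_origin_binding(
        browser_client_data(RP_ORIGIN, challenge), authenticator_data(RP_ID), challenge)
    # Constructed look-alike origin that relays the real challenge to the user's browser.
    fake_host = "login-example.test"
    phished = verify_origin_binding(
        browser_client_data("https://" + fake_host, challenge),
        authenticator_data(fake_host), challenge)
    return {"genuine": genuine, "phished": phished}

if __name__ == "__main__":
    print(demo())
```

In practice the authenticator would not even find a credential scoped to the look-alike RP ID, so the fake site has no assertion to relay in the first place.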

Passwordless Authentication is Faster and More Secure than Password Based MFA

Okay, so we know it’s more secure, but guess what? It’s also way faster! Studies show passwordless authentication can be up to four times faster than using passwords. No more typing out long, complicated passwords or fumbling for your phone to get a one-time code. Just use your fingerprint, face, or security key, and you’re in. It’s a time-saver and a brain-saver.

Self-Service “Password Resets”

Ask your IT help desk team what they do most of the time, and they will answer, “Password resets.” These password resets are expensive, not only in help desk time but also in lost productivity for the employee; in fact, some experts say it costs $70 per password reset! Using self-service passwordless onboarding tools such as EZCMS enables your users to quickly verify their identity and create their passwordless tokens in minutes, without ever talking to your help desk!

Let’s Wrap It Up

So, there you have it. The future is here, and it’s passwordless. With the rise in cyber-attacks and our collective desire for an easier life, it’s only a matter of time before passwords go away. FIDO2 and Azure CBA are leading the charge, and it’s time for us all to hop on the bandwagon. Let’s say goodbye to passwords and hello to freedom!

