Featuring:

Andras Cser, VP and Principal Analyst and Geoff Cairns, Principal Analyst

Show Notes:

As digital experiences continue to get more advanced and major security breaches become more commonplace, the push toward passwordless authentication has never been more relevant. But how close are we to a world without passwords? In this episode, Vice President and Principal Analyst Andras Cser and Principal Analyst Geoff Cairns explore the intricacies and implications of moving away from traditional passwords and provide updates on the evolving landscape of passwordless authentication technologies.

To start the episode, Cser provides a look at current consumer adoption of passwordless technologies. He says that passkeys, which allow users to authenticate using their devices, are becoming a preferred choice for many consumer companies. “We are seeing that the biggest password killer, FIDO passkeys, are just taking the industry by firestorm,” he says. He explains that passkeys function as a simplified user authentication that maintains robust security measures. In addition to passkeys, more consumer firms and sites are adopting other authentication methods that reduce reliance on traditional passwords and deliver a more streamlined and secure user experience, including biometric options and one-time passwords.

Cairns looks at the issue from the enterprise perspective, where adoption is not as far along because enterprises have concerns about the cost involved and using personal mobile devices for authentication. Cairns also makes the point that in many of these “passwordless” scenarios, passwords aren’t gone — users just rely on them less frequently. “With a lot of the mechanisms, it still goes back to having a password at some point in that process to get enabled or enrolled.”

Of course, even the passwordless methods of authentication aren’t totally secure. Both Cser and Cairns describe some of the risks associated with passwordless authentication methods for consumers and enterprise users and identify ways fraudsters have been able to manipulate them.

The episode wraps up with each analyst providing their prediction on how far away a truly passwordless environment is, so be sure to stick around for those predictions.

To learn more about moving to a passwordless environment, be sure to check out the agenda for the upcoming Security & Risk Summit on December 9–11 in Baltimore.