Passwordless – the new MFA

“Passwordless” authentication is a recent addition to the cybersecurity arsenal for combatting credential theft. Microsoft, Apple and Google have recently signed up to a joint effort to make passwordless the new default. Instead of a password, it uses another mechanism, such as a biometric method or a device PIN.

What is passwordless authentication?

Passwordless authentication is based on public-key technology. This is the same technology that secures your connection when you log in to your banking application or use a similar encrypted connection. The private key is associated with a device, such as a phone or an authentication token, and never leaves that device. Your device is associated with this key through an enrollment process. When an authentication provider receives a login request for your identity, it sends a notification to that device, challenging you to confirm that it is really you requesting to log in. A successful response to the challenge, such as a biometric scan of your face or fingerprint, or a successful PIN entry, then generates a token for the authentication provider to unlock the resource you are seeking access to. This can be a web application, your email account, or even your workstation!
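The enrollment and challenge flow described above, as an added example that is not from the original article or from any vendor's implementation: the provider stores only a public key, and a login succeeds only when the device signs a fresh, single-use challenge after the local PIN or biometric check. The names Device, Account, Enroll, Challenge, Respond and Verify are hypothetical, Ed25519 is an assumed algorithm choice, and the extra fields that real FIDO2 messages carry are left out.

```go
// Added illustration: all names are hypothetical and Ed25519 is an assumed algorithm choice.
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

type Device struct{ priv ed25519.PrivateKey } // authenticator; the private key never leaves it
type Account struct{ pub, pending []byte }    // provider's record: public key, open challenge

// Enroll creates the key pair on the device; the provider keeps the public half.
func Enroll() (*Device, *Account) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // no system randomness available
	}
	return &Device{priv}, &Account{pub: pub}
}

// Challenge issues a fresh random nonce for one login attempt.
func (a *Account) Challenge() []byte {
	a.pending = make([]byte, 32)
	if _, err := rand.Read(a.pending); err != nil {
		panic(err)
	}
	return a.pending
}

// Respond signs the challenge only after the local PIN or biometric check.
func (d *Device) Respond(challenge []byte, userVerified bool) []byte {
	if !userVerified {
		return nil // refused: nothing is signed
	}
	return ed25519.Sign(d.priv, challenge)
}

// Verify checks the response against the enrolled key; a challenge is single use.
func (a *Account) Verify(sig []byte) bool {
	c := a.pending
	a.pending = nil // a captured response cannot be replayed
	return c != nil && ed25519.Verify(a.pub, c, sig)
}

func main() {
	phone, acct := Enroll()
	sig := phone.Respond(acct.Challenge(), true)
	fmt.Println("login:", acct.Verify(sig), "replay:", acct.Verify(sig))
}
```

Because the provider holds no secret, a copy of its account records gives an attacker nothing to log in with, which is the property that separates this scheme from stored password hashes.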

Where do I sign up?

A lot of companies use Microsoft for their endpoint devices. By taking advantage of Azure Active Directory, you can enable passwordless authentication in your Windows environment. This can be done with Microsoft Authenticator, Windows Hello or standalone FIDO2 security keys. More information can be found on the Microsoft website here. If you want to see how Henocon can guide you on this journey, you can contact us here.