k_Street Consulting, LLC Blog

k_Street Consulting, LLC has been serving the Washington area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Is it Time to Move Past Passwords?

Is it Time to Move Past Passwords?

Passwords have been a staple in data security and user authentication for many, many years… to the point where the idea of using a password has become nearly synonymous with the concept of security. However, data has increasingly shown that alternative options are in fact more secure. Let’s examine some of these passwordless authentication methods, and their pros and cons.

What is Passwordless Authentication?

True to its name, passwordless authentication is identity authentication that operates without relying on a password. You can think of it like two-factor authentication (2FA), with the password factor skipped over.

Instead of using a password, passwordless authentication omits it and focuses on what would be the second factor—a hardware token, biometric, or code generated on-demand through an owned device or sent to an email, among other options.

But Why Eliminate Passwords?

Let's consider a few options that businesses have in terms of their cybersecurity:

  • Use a password
  • Use a password and supplement it with 2FA
  • Use a passwordless authentication system

Here's the thing… Passwords, when considered objectively, aren't really a great option. First of all, how likely is it that the average user is going to be able to remember about 75 unique and sufficiently complex passwords? They aren't. As a result, your IT team is either going to be inundated with password reset requests, or your users are going to take shortcuts that undermine your security. So, while a password may be a convenient option on a macro scale, it comes at the cost of your security.  Not good.

Next, we might consider adding 2FA to our authentication requirements. This certainly boosts security, but it can also frustrate users and disrupt their experience. Also not good.

Passwordless authentication measures eliminate both pain points—not only are they secure, they make it far easier for your users to access what they need to do their jobs.

Today, There are Plenty of Options for Passwordless Authentication

Having said that, there are a few drawbacks to passwordless authentication that may take some time to resolve (if it doesn't require a change in user behavior). For instance, if you go the security key route, they can be easy to lose and potentially expensive to replace. Cost is a factor for most forms of passwordless authentication, as you might imagine.

On top of this, some malware attacks are particularly effective against these measures. Time will only tell if businesses ultimately see the benefits of passwordless authentication to be worth the risks.

In the meantime, k_Street Consulting, LLC is here to assist you with every aspect of your organization's IT, including its security. Give us a call at (202) 640-2737 to learn more.

Managed IT Technicians are Reliable Repairmen
Crafting Successful Remote Work Policies
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Blog Archive

2013
January
February
March
April
May
June
July
August
September
November