Security News

Google to Add Passwordless Authentication Support to Android and Chrome
2022-05-05 21:57

"This will simplify sign-ins across devices, websites, and applications no matter the platform - without the need for a single password," Google said.The new Fast IDentity Online sign-in system does away with passwords entirely in favor of displaying a prompt asking a user to unlock the phone when signing into a website or an application.

Microsoft, Apple, and Google to support FIDO passwordless logins
2022-05-05 16:19

Today, Microsoft, Apple, and Google announced plans to support a common passwordless sign-in standard developed by the World Wide Web Consortium and the FIDO Alliance. "These multi-device FIDO credentials, sometimes referred to as passkeys, represent a monumental step toward a world without passwords," added Microsoft Identity Division Vice President Alex Simons.

Why World Password Day should become World Passwordless Day
2022-05-03 14:09

World Password Day will be recognized on May 5 this year - but isn't it time to rebrand it to something more suitable for the future? We now have the technology to replace passwords with stronger, more convenient methods of authentication. Passwords are familiar to many, and it will take time for people to get used to the idea of a truly passwordless environment.

How to become a passwordless organization
2022-03-21 06:00

How is passwordless the solution to this issue and can we say its implementation is gaining momentum? From a security perspective, not entering a password means it's harder for a bad actor to steal credentials as it's not resident in memory, nor is it written down on a yellow sticky note.

What is fueling the adoption of passwordless authentication?
2022-03-11 05:30

An identity and access management research report from Enterprise Strategy Group, finds organizations, frustrated with poor user experience and weak security, are moving towards adopting passwordless, continuous authentication. The impact of adopting passwordless authentication 40% of organizations using multi-factor authentication for customers make it optional.

Could passwordless be the solution to poor shopping sign-up processes?
2021-12-23 04:00

38% of respondents said forgetting passwords annoyed them the most, 39% said password that had specific requirements and a further 38% said CAPTCHA tests were the most irritating part of logins. A further 27% said security questions were annoying and 20% said the same about MFA. The culprit: Account creation fatigue and forgotten passwords.

Passwordless verification API transforms every mobile phone into a security token for zero trust access
2021-12-15 06:00

You don't have to log into the network to use the phone - it happens in the background via the SIM. Moreover, the mobile subscriber identity is one of the most widely used forms of digital identity. Firstly, it merely proves the user has access to a phone number, potentially through social engineering, not possession of a physical security token / device.

UK Ministry of Justice secures HVAC systems 'protected' by passwordless Wi-Fi after Register tipoff
2021-11-23 10:15

The Ministry of Justice has secured a set of Wi-Fi access points that potentially gave admin access to industrial control equipment after a tipoff by The Register. Four unsecured wireless networks named "Boiler Pump 1" to "Boiler Pump 4" were freely accessible in the Royal Courts of Justice until The Register told officials what was happening.

The world’s worst kept secret and the truth behind passwordless technology
2021-11-11 06:00

The fundamental flaw is that passwords are a "Shared secret." This means that both sides of the exchange are in on the secret and have it stored. Passwords become the proxy identifier for the users, and users often choose passwords that relate to something in their lives, including names and important dates, to make them easier to remember.

Organizations can save $1.9 million using workforce passwordless authentication
2021-11-04 04:30

Using survey responses the cost of economic efficiencies from the use of passwordless technologies was calculated and suggests cost savings of $1.9M over conventional password-based MFA. "Enterprises continue to feel threatened in the pandemic with many feeling targeted, and this along with remote work and associated loss of productivity from password problems is driving increased adoption of passwordless technologies," said Dr Larry Ponemon. Organizations with passwordless authentication have significantly lower help desk calls pertaining to passwords.