Security News

Beyond Identity, a security startup on a quest to eliminate passwords, today announced a $75 million Series B funding round, bringing the total investment in the company to $105 million. Launched in April by internet icons Jim Clark and Tom Jermoluk, Beyond Identity has launched a certificate-based authentication and authorization solution that eliminates the need for passwords.

Passwords are a constant struggle for businesses and IT departments. There are other ways to stay safe.

Whether decreasing the number of passwords required through single sign-on or eliminating the password altogether in favor of a strong authentication factor, the priority is on the workforce experience. At the same time, we've asked users to create longer passwords, more complex passwords, unique passwords.

While passwords may not be going away completely, 92 percent of respondents believe passwordless authentication is the future of their organization, according to a LastPass survey. Passwordless authentication reduces password related risks by enabling users to login to devices and applications without the need to type in a password.

"The better way to protect the user is to provide a more intuitive, more friendly experience and a more secure way through passwordless," Chik says. Remote working is a core scenario for Microsoft customers in enterprise, government and education for the rest of this calendar year, the next 12 months and likely beyond, Chik notes: "71% of employees and managers want to continue to work from home, especially when we don't have COVID vaccination, but even in a post-pandemic world, people want the flexibility of being able to work from home." That's helping to put security, identity and MFA in the top five investment areas for security leaders, although CISOs need to improve security for remote workers without reducing their productivity.

You can do that with the Windows 10 May 2020 Update, aka Windows 10 2004. First, make sure you're running Windows 10 version 2004.

Learn how to enable passwordless SSH authentication on both Linux and macOS. You probably secure shell into your Linux servers throughout the day. Hopefully, you've set those servers up such that you're using SSH Key Authentication.

Passwords seem to be the digital equivalent of the phrase, "Can't live with 'em, can't live without 'em." They're supposed to protect sensitive information and data, but passwords can also be incredibly frustrating; you shouldn't use the same one across the board, which means you probably have variations of the same one, which means you have to remember which one is for which site, and then when you have to reset your password because inevitably you can't remember it, you get an error that says your new password can't be the same as your old password. Password management tools and apps can help ease the pain of passwords, but even those don't totally solve all of the password challenges all of the time.

To help create a better experience for these users, Alpha Serve has developed WebAuthn add-ons to bring passwordless authentication to various Atlassian products. WebAuthn is part of the FIDO2 framework - various technologies that permit passwordless authentication among web browsers, servers, and authenticators.

As we celebrate World Password Day, companies of all sizes are looking to password alternatives including YubiKeys, Google Titan keys, and biometrics. Organizations have been asking us and saying, "Hey Gartner, are there viable options for passwordless authentication?" And in fact, so much so that it was one of our top security trends last year, in saying that, yes, it wasn't a trend for 2019, but it was something that we saw signals in the market where organizations wanted to move away from passwords and to move more toward a world of passwordless techniques.