A rising challenge facing system designers is that access to systems needs to be slick, and in many cases, devices are small and do not have traditional keypad interfaces. As a result, new and secure means of access need to be established.
What is it?
Instead of passwords, identity can be verified based on a “possession factor,” which uniquely identifies the user. This could be a one-time password generator, a registered mobile device, a hardware token, or something such as a person’s biometric signature, using something physical and unique like a fingerprint, face, or retina.
Passwords are risky: people often mislay them, reuse the same ones multiple times, or don’t create a secure one in the first place. There’s also a cost in managing passwords well. They need secure storage, they need to be safely recycled on a periodic basis, and they slow down the user experience in accessing systems.
What’s in it for you?
Passwordless authentication can deliver a better consumer experience and lower IT overheads in the maintenance of password systems. Password resets remain a significant part of the work done by IT helpdesks — so offering an alternative may free up your staff to tackle more valuable work.
You can also reduce risks: password-only systems are fundamentally risky. User-chosen passwords tend to be weak and are often reused, which increases the chances of them being compromised. Adopting a passwordless approach prevents the types of attacks that are based on intercepting communications carrying credentials.
What are the trade-offs?
Biometric technologies are changing and improving all the time. If you invest in passwordless authentication, you can expect to have to upgrade your tech on a regular basis, far more frequently than you would with passwords. The efficacy of methods such as facial recognition is subject to factors such as the quality of the cameras being used, which are often out of your control.