Is Passwordless Authentication for Real?
Picture this: it’s a beautiful sunny morning and since I’m working from home, I decide to take my work computer to a coffee shop with outside seating. As I turn it on, Windows Hello’s scary eye looks back at me, trying to identify me and grant access to my computer without typing in the password.
After a few seconds, I start to wonder why it’s not working and remember that face recognition with a mask is not a thing, yet. So, I need to go back to old password authentication and hope that no one tries to guess my 6-digit unique PIN. Passwordless authentication arrived promising no more passwords, and who doesn’t want that? Passwordless authentication provides more ease of use in an era where we log in everywhere and where we are constantly asked to come up with unique codes that we forget, forcing us to hit the incredibly annoying Reset Password button.
The fact that weak passwords are a threat to users and organizations is not debatable. Realistically speaking though, how close are we to being password-free? Passwordless authentication adoption is growing and that is a good thing, but we should focus on understanding the potential of this technology and how it protects against threats. Is it right for everyone? Let’s take a step back and look at the factors of authentication, the common passwordless methods, their benefits, and challenges they bring to users.