Your IT Support Experts - Homepage

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

(703) 359-9211

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

Macro Systems Blog

Macro Systems has been serving the Metro Washington, DC area since 1997, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

What to Know About Passwordless Authentication

What to Know About Passwordless Authentication

If you were told that one variable was responsible for more than 80 percent of cyberattacks, what would you guess that variable was? If you guessed “stolen access credentials,” you’d be right. The standard username/password combination may soon be a relic of the past as more tech companies transition to alternative authentication measures.

Take, for example, Microsoft.

What is Passwordless Authentication?

Passwordless authentication is exactly what it sounds like: instead of requiring a person to authenticate their identity by inputting a predetermined passcode, passwordless authentication looks to other measures to confirm validity. Does the user have access to a verification application? Do they possess a security token? Do their biometrics match the reference data? Have they already been authenticated by another service or application?

If your phone unlocks when it recognizes your face or fingerprint, or if you’ve received an access code via text message or email, then you've utilized passwordless authentication before. While not all forms of passwordless authentication are equally secure, they typically avoid the weaknesses that the traditional password is prone to:

  • Inadequate strength, making brute-force attempts much easier for cybercriminals
  • Without a password, users cannot reuse passwords across different accounts
  • Brute force attacks require a password to be present to work, which passwordless authentication negates

The Advantages of Passwordless Authentication

Cost Efficacy

Passwords can be surprisingly costly to maintain. Forrester Research has estimated that each password reset costs the company $70, finding that large companies spent $1 million in staffing and infrastructure alone to handle them in 2018. On the other hand, if there is no password to reset, there will be no cost associated with resetting it.

Improved Convenience in the User Experience

When the modern average user is expected to remember literally dozens of passwords, there’s little wonder that so many users resort to just picking one and recycling it over and over. From the user’s perspective, it’s more convenient, which means they can access what they need and get down to business more efficiently.

Naturally, this doesn’t encompass the full reality of the situation. Thus, to ensure that your security is maintained, it makes sense to make the most secure option the most convenient one as well. Passwordless authentication eliminates all the pressure of remembering all those credentials. As a result, your employees will both be under less stress and in a position to securely work towards your organizational goals.

Security

Most importantly, passwordless authentication is safer. Cybercriminals are targeting the human element more and more frequently as they leverage their attacks. Phishing is a common means for a cybercriminal to gain access to your business’ data, and there are plenty of other attacks that target your authentication measures anyways, like credential stuffing and brute force attacks. Each of these attacks relies on a set, concrete password being the key to the castle, so passwordless authentication measures can minimize the threat they pose.

Reasons like these are why Microsoft is putting so much effort into passwordless technologies.

What Microsoft is Doing with Passwordless Authentication

In no uncertain terms, a lot.

In addition to 150 million consumer and enterprise accounts utilizing passwordless authentication measures as of May 2020, Microsoft itself has effectively made an internal transition to passwordless. Up to 90 percent of their own 150 thousand employees have opted into passwordless authentications—saving Microsoft 80 percent of the support costs that once went to internal password management. Microsoft has accomplished this by pairing passwordless measures with secure multi-factor authentication.

Their strategy now can be summed up as saying, “Okay, so this user appears to be who they’re supposed to be. Let’s make sure they have something that they’re supposed to have.”

In doing so, Microsoft has also seen an uptick in MFA adoption, reinforcing security without adding any unexpected inconvenience to the user.

So, if passwordless authentication is truly…

  • More secure
  • More affordable
  • More user-friendly
  • More manageable
  • And more convenient

…it only makes sense that businesses of all sizes will soon see increased availability of these solutions and have a greater motivation to use them. As a result, we can confidently say that we foresee a passwordless future on the horizon.

Regardless of how security is enforced, Macro Systems is here to assist you in enforcing it. Reach out to us today to learn how we can help make your operations more secure and productive with our IT services and solutions. Call 703-359-9211 now.

Technology Services That Can Help Keep Your Busine...
Don't Overlook Potential Business Problems
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, December 22, 2024

Captcha Image

Customer Login


Contact Us

Learn more about what Macro Systems can do for your business.

(703) 359-9211

Macro Systems
3867 Plaza Drive
Fairfax, Virginia 22030