Reseach Director, Cybersecurity - Industry Analyst at IDC
Vendor
Sep 20, 2021
There are two types of passwordless activities going on right now. A lot of vendors will allow you to register a device - yes using an initial password - and then rely on biometrics later. There are a few that will generate this initial password for you. The second never asks you for even an initial password and only a couple of vendors really achieve the true meaning of the term.
In Microsoft's case, Authenticator App provides you a QR code when scanned, returns a verification number to your cell phone. Windows Hello can be used for workstations and is typically enabled with facial recognition.
This is the eventual direction of the market, but brand new survey data we just collected reports that 80% of organizations still use simple username/password combinations in at least some parts (legacy apps) of their organizations.
Director of Community at PeerSpot (formerly IT Central Station)
Real User
Sep 21, 2021
@Jay Bretzmann thank you for such a detailed answer!
I know that there are many Infosec professionals that see the biometric authentication as unreliable. What do you think about it?
Search for a product comparison in Passwordless Authentication
Passwordless Authentication is an advanced security measure eliminating traditional passwords, enhancing security and user experience by using technologies like biometrics, hardware tokens, or software certificates. Passwordless Authentication offers increased security by removing password vulnerabilities. It provides a seamless user experience while reducing help desk costs related to password recovery. Users experience less friction during the login process, making it more efficient. By...
There are two types of passwordless activities going on right now. A lot of vendors will allow you to register a device - yes using an initial password - and then rely on biometrics later. There are a few that will generate this initial password for you. The second never asks you for even an initial password and only a couple of vendors really achieve the true meaning of the term.
In Microsoft's case, Authenticator App provides you a QR code when scanned, returns a verification number to your cell phone. Windows Hello can be used for workstations and is typically enabled with facial recognition.
This is the eventual direction of the market, but brand new survey data we just collected reports that 80% of organizations still use simple username/password combinations in at least some parts (legacy apps) of their organizations.
It'll be a few years:)
@Jay Bretzmann thank you for such a detailed answer!
I know that there are many Infosec professionals that see the biometric authentication as unreliable. What do you think about it?
Hello @AlessandroPiana, @Tom Aafloen and @Pete Fotopoulos. Can you please share your opinion about it with the community?