Reseach Director, Cybersecurity - Industry Analyst at IDC
Vendor
2021-09-20T18:21:42Z
Sep 20, 2021
There are two types of passwordless activities going on right now. A lot of vendors will allow you to register a device - yes using an initial password - and then rely on biometrics later. There are a few that will generate this initial password for you. The second never asks you for even an initial password and only a couple of vendors really achieve the true meaning of the term.
In Microsoft's case, Authenticator App provides you a QR code when scanned, returns a verification number to your cell phone. Windows Hello can be used for workstations and is typically enabled with facial recognition.
This is the eventual direction of the market, but brand new survey data we just collected reports that 80% of organizations still use simple username/password combinations in at least some parts (legacy apps) of their organizations.
Director of Community at PeerSpot (formerly IT Central Station)
Real User
Sep 21, 2021
@Jay Bretzmann thank you for such a detailed answer!
I know that there are many Infosec professionals that see the biometric authentication as unreliable. What do you think about it?
Search for a product comparison in Passwordless Authentication
Customer Identity and Access Management Solutions is a category of software solutions that focus on managing and securing customer identities and their access to various digital resources.
There are two types of passwordless activities going on right now. A lot of vendors will allow you to register a device - yes using an initial password - and then rely on biometrics later. There are a few that will generate this initial password for you. The second never asks you for even an initial password and only a couple of vendors really achieve the true meaning of the term.
In Microsoft's case, Authenticator App provides you a QR code when scanned, returns a verification number to your cell phone. Windows Hello can be used for workstations and is typically enabled with facial recognition.
This is the eventual direction of the market, but brand new survey data we just collected reports that 80% of organizations still use simple username/password combinations in at least some parts (legacy apps) of their organizations.
It'll be a few years:)
@Jay Bretzmann thank you for such a detailed answer!
I know that there are many Infosec professionals that see the biometric authentication as unreliable. What do you think about it?
Hello @AlessandroPiana, @Tom Aafloen and @Pete Fotopoulos. Can you please share your opinion about it with the community?