Passwords continue to rule our lives. By now you know the rules and inspirations for typical passwords: eight to sixteen digits (yes in some cases that long!), alphanumeric, special characters, our pet name, our favorite color, our mother’s maiden name. Oh, and change them every 30 to 90 days.
And that’s just for setting one password. Think about how many times you’ve just added a character here and there to change it up from one service to the next, because how in this world will you remember all those minute differences for each account? And on top of the personal accounts we need to manage, we’re also charged with setting and maintaining passwords for professional resources as well. It’s a mess.
From a user convenience angle, managing all these different instances of passwords creates a lot of friction. For larger businesses, it’s estimated that nearly 50 percent of IT help desk costs are allocated to password resets – that can amount to more than $1 million in staffing just to help your team reset their passwords.
It’d be one thing if passwords were costly but got the job done and kept out the bad guys. But they don’t! Passwords are expensive and continue to be the #1 attack vector and cause for breaches. Stolen and compromised passwords continue to be the top way that malicious users get into accounts – including in major hacks like the SolarWinds breach. For organizations, using passwords tends to create weaker security, more friction, and a higher total cost of ownership. It’s lose-lose-lose.
Those baseline password woes were exacerbated by a crazy 2020 and the major shift to a remote workforce. In some cases, organizations had to rush out remote work resources virtually overnight, accelerating their digital transformation initiatives. Today, enterprises are looking for ways to enable their workforce for permanent remote work by providing a secure means to log-in to their workstations. And they need to find a way that’s not only frictionless but also boosts productivity. They need to go passwordless.
SecurID, the trusted identity platform, offers passwordless ways to get into your windows machines and web and SaaS-based applications by using FIDO2 Security Keys.
SecurID provides passwordless sign-ins for Windows
With the latest release of SecurID (MFA Agent 2.1 for Microsoft Windows), we are excited to extend the passwordless sign-in experience to Windows 10 laptops and desktops. This new capability provides multifactor authentication (MFA) to workstation logins that leverage FIDO2 as a hardware authenticator and meet the high assurance levels required for proving compliance, without impacting user convenience.
FIDO2 security keys provide stronger defenses against phishing and man-in-the-middle (MitM) attacks. Windows login with FIDO2 security key as a strong form factor adds multiple layers of security, including a FIDO2 security key pin which unlocks the key itself. These logins also require that the users tap on the key to make sure a human is using it – and not malware acting on behalf of the attacker. By adding more layers, SecurID uses FIDO2 to make it harder for the bad guys to get where they shouldn’t.
SecurID accelerates cloud journeys
It’s not just Windows: SecurID support for FIDO-based authentication can also help customers using cloud-born resources and applications adopt passwordless authentication quickly to protect thousands of web-based and SaaS applications. You can see how SecurID supports a passwordless, cloud-based experience through this demo.
Whatever approach your organization takes, look for trusted vendors with proven passwordless technologies. Our passwordless credentials run deep: RSA pioneered passwordless authentication with SecurID, and we continue to protect tens of thousands of customers and more than 50 million identities.
We’re also working at the industry level to ensure that passwordless works across the sector. SecurID has been a member of the FIDO Alliance for many years, and as a co-chair of the Enterprise Deployment Working Group, has driven the standards to help eliminate passwords. SecurID is U2F/FIDO2 certified, supports a variety of form factors – hardware, software, embedded, wearables, and more. We also work closely with FIDO authentication providers as part of the RSA Ready program to ensure out-of-the-box interoperability.
Passwords rule our lives, but we can – and should – change that. Let us show you how.