We all hate passwords. We hate remembering them. We hate changing them every 90 days. And we hate their complexity rules. Well, here’s the good news: Passwords are outdated. The future will use Fast Identity Online (FIDO).
Passwords have been core to access security for decades. They began as a way to share access to mainframe computers in the 1960s, and we’ve relied on passwords to protect sensitive data in essentially every online activity since. However, as a security mechanism, passwords have been showing their age.
Malicious hackers and other bad actors have long known it’s much easier to steal passwords than break into networks or applications, which is why Verizon reported in 2019 that 80% of hacking-related breaches involve stolen or weak credentials. It’s no secret we must address access security risks associated with passwords. This has led to a greater adoption of two-factor authentication and zero trust security.
Why passwords fail to protect sensitive data
The primary problem with passwords arises when users choose them for simplicity rather than security. Think about when you’re asked for a password: You have to remember the context it’s in and which password you used for which site. Perhaps you use a password manager or browser extension like LastPass to create long and complex passwords for each of your logins. In that case, you’re probably copying and pasting your password into the input field instead of manually typing it. If you deal with materially sensitive or classified information, you may also use a CAC card or multi-factor authentication to verify your identity, but users rarely adopt these additional access steps unless they’re required.
Fast Identity Online (FIDO): The future of access security
Gartner predicts by 2022, 60 percent of large businesses and nearly all medium-sized organisations will have reduced their dependence on passwords by half. If passwords are the past of access security, Fast Identity Online is the future. Also known as FIDO authentication, this access security technology “enables password-only logins to be replaced with secure and fast login experiences.” Today, the FIDO2 web-based API makes it possible for users to authenticate to their login pages via biometrics, mobile devices, or specialized security tokens—replacing passwords with something a user always has with them and that can’t be stolen.
“Passwords have become increasingly problematic, as users rarely focus on the actual reason behind the need for passwords when they formulate them,” notes Matthew McKay, Regional Director for Sub-Saharan Africa at Citrix. “FIDO, on the other hand, is very much focused on security, yet it also meets the users’ need for simplicity. It is the ideal solution for both organisations and their employees.”
Here’s how FIDO authentication works:
A user registers by choosing an approved FIDO authenticator for the online service that the user will log in to.
When a user needs to log in somewhere, they can use a FIDO-approved device (like their phone) to verify their voice, fingerprint, face or any combination thereof. To protect user privacy, only the FIDO authenticator sees the biometric data, never the online service. This means the user does not have to remember and constantly update a series of complex passwords. Organisations in turn increase their access security and can require different forms of biometric authentication to protect sensitive data.
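A simplified sketch of the registration and login steps above, added here as an illustration and not taken from the FIDO specifications or any vendor's code: the authenticator keeps the biometric check and a private key on the device, while the service stores only a public key and verifies a signed one-time challenge. The class names, the string standing in for a biometric sample, and `example.test` are assumptions; real FIDO2 messages carry more fields than shown.

```javascript
// Added illustration: simplified FIDO-style flow, not the real WebAuthn message format.
const crypto = require('crypto');

// Hypothetical authenticator (e.g. a phone): biometric check and private keys stay here.
class Authenticator {
  constructor(enrolled) { this.enrolled = enrolled; this.keys = new Map(); }
  check(sample) { // constructed stand-in for a local fingerprint/face match
    if (sample !== this.enrolled) throw new Error('user verification failed');
  }
  register(service, sample) {
    this.check(sample);
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.keys.set(service, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' }); // only the public key leaves
  }
  sign(service, challenge, sample) {
    this.check(sample);
    const key = this.keys.get(service);
    if (!key) throw new Error('no credential for ' + service);
    return crypto.sign('sha256', Buffer.concat([Buffer.from(service), challenge]), key);
  }
}

// Hypothetical online service: stores one public key per user, no password, no biometric.
class Service {
  constructor(name) { this.name = name; this.keys = new Map(); this.pending = new Map(); }
  enroll(user, pem) { this.keys.set(user, pem); }
  newChallenge(user) {
    const c = crypto.randomBytes(32);
    this.pending.set(user, c);
    return c;
  }
  verify(user, signature) {
    const c = this.pending.get(user), pem = this.keys.get(user);
    this.pending.delete(user); // challenges are single use
    if (!c || !pem) return false;
    return crypto.verify('sha256', Buffer.concat([Buffer.from(this.name), c]), pem, signature);
  }
}
function demo() {
  const phone = new Authenticator('alice-fingerprint'); // constructed sample values
  const site = new Service('example.test');
  site.enroll('alice', phone.register(site.name, 'alice-fingerprint'));
  const sig = phone.sign(site.name, site.newChallenge('alice'), 'alice-fingerprint');
  const login = site.verify('alice', sig);
  site.newChallenge('alice');
  const replay = site.verify('alice', sig); // old signature, new challenge
  return { login, replay, stored: site.keys.get('alice') };
}
```

Because the service holds only a public key, a copy of its credential store gives nothing that can be replayed as a login, and a captured signature fails against the next challenge.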
Passwords are the ghosts of the internet—they will be around forever, but your organisation need not be haunted by them. By embracing FIDO authentication, you can free your employees, partners, and third-party users from having to remember regularly-changed, complex passwords.