With so much hype about passwordless authentication nowadays, it is undeniable that passwordless authentication will succeed the future of authentication method. Passwordless authentication, as the name suggest, is a method that does not require password or answering security questions to gain access to any application or IT system. It offers a lot of benefits to organisation which include improved security, cost reduction in passwords management, better user experience and IT operation simplicity. These overwhelming benefits of passwordless authentication as well as the existing cyber risk brought about by password authentication however unable to dismiss doubts in company’s to openly embrace the implementation of passwordless authentication. Well, there are big differences between saying and doing. There are many challenges need to be addressed to make passwordless authentication works. What are the challenges in implementing passwordless authentication?
Every implementation of new method of technologies always require effort and cost. Like other cyber security frameworks, the implementation of password authentication need to have a step by step plan as well as employees training. In addition, the choice of deployment of passwordless authentication, either hardware or software depending on the company’s plan come with pro and cons. Hardware deployment can be costly as it include buying tokens, devices or cards as well as their replacement in case of loss and damage. Software deployment, on the other hand can be cheaper but company should be prepare for hidden cost such as administration and maintenance.
There is no perfect cyber security solution. While passwordless authentication removes all issues came about compromised credentials, this does reflect its capability in deflecting every existing cyber risk. Companies are still exposed to other form of cyber attack such as malware attacks, man-in-the-browser and duplication of biometric features. In a case of users losing devices used for passwordless authentication, there are possibilities of users being exposed to cyber crime particularly identity theft and data breach.
The beginning of the implementation of passwordless authentication is rather laborious. It requires learning of new technologies, setting up new devices, programming biometric authentication factors and constantly applying new authentication factors in each login session. People who have been used to password authentication may see passwordless authentication as an inconvenient method instead.
All in all, the implementation of passwordless authentication is not easy. Nevertheless, the challenges in implementing passwordless authentication need to be overcome as it is proven an effective solution to remove the increasing cyber risk from password authentication.
E-SPIN Group in the enterprise ICT solution supply, consultancy, project management, training and maintenance for corporation and government agencies did business across the region and via the channel. Feel free to contact E-SPIN for your project requirement and inquiry.
Other post you may be interested in:
1. How Does Passwordless Authentication Work?
2. World transit toward passwordless authentication generation
