In a 2006 report, researchers from Penn State University predicted we would soon be seeing the end of password usefulness and a new era of data security was on the horizon. And in May of this year, Google announced it was working to eliminate traditional password protection for its Android users, replacing it with biometric authentication factors.
Gartner, Inc. forecasts 20.8 billion connected things will be in use worldwide by 2020, making the conventional login-and-password approach to authenticating users and authorizing access to data and services no longer feasible. In fact, Forrester expects that, with computing processing power increasing dramatically, even passwords 14 to 20 characters long will be readily crack-able and largely ineffective for protecting high-value, high-risk assets and transactions by 2019.
Now, ForgeRock has announced the latest edition of their ForgeRock Identity Platform, with advanced new capabilities that will enable organizations to orchestrate highly secure, frictionless user experiences using push notifications. The ForgeRock Identity Platform is the industry’s first end-to-end identity management solution to support passwordless login and frictionless second factor authentication capabilities for continuous security any time during a session should an anomaly occur.
This kind of continuous security without passwords is can be applied in any number of business cases — from securing smart car and smart home applications, to healthcare devices, wearables, mobile banking, and industrial IoT situations where ease of use and the highest level of access security are essential.
“User frustration is a real concern with two-factor authentication, and a significant barrier for organizations working to create the kind of secure, seamless online user experiences that we’ve all come to expect online,” said ForgeRock CEO Mike Ellis. “With passwordless authentication now available through the ForgeRock Identity Platform, our customers can create highly secure, frictionless user experiences while keeping the growing number of IoT devices and data out of the wrong hands.”
Passwordless authentication not only improves the user experience, it also increases the level of security organizations can provide to their customers while reducing cost and administrative workload.
Using push notifications provided through a free, authenticated mobile app is less expensive than conventional token-based approaches, which often include costs associated with deploying hardware and software, token licenses, maintenance, and help desks. Additionally, eliminating passwords from the authentication chain is likely to drive significant cost savings for IT organizations, as estimates show password problems make up 20 percent to 30 percent of all IT service desk volume.