![]() ![]() Okta offers a variety of passwordless authentication methods to address the requirements of your business, across both workforce and customer identity. What Passwordless Authentication Options Are Available in Okta? Ultimately, the goal is to start your passwordless journey by tying the appropriate factor to varying levels of risk.įor example, in the following image, we see that there could be varying levels of device assurance that could be tied to passwordless authentication, where medium and low levels of assurance could require a strong factor, or be denied login altogether. However, if a login is coming from a known device and a known network, a single, low or medium strength factor may be acceptable. For example, if a login is coming from both a new device and a new location, you will likely want to have a stronger factor type for authentication. ![]() These are factors which are not necessarily presented to end users, but rather considered before making an access decision. However, there’s also a fourth category that isn’t always mentioned-implicit factors. For example, a password plus SMS OTP would be a combination of knowledge and possession a password with biometric would be a combination of knowledge and inherence. ![]() Multi-factor authentication is defined as two out of the three categories of knowledge, possession, and inherence factors. In the introduction we mentioned that deploying multi-factor authentication is the foundation to going passwordless. How Do I Start Thinking About Deploying Passwordless? ![]() In this introductory whitepaper, we will cover the various features within Okta which allow you to deliver passwordless authentication to the workforce, customers, and consumers (B2E, B2B and B2C). And, for a high risk login, you can require one or more strong authentication factors. Okta’s integrated Single Sign-On and Adaptive Multi-Factor Authentication solutions allow organizations to include risk evaluation derived from context (user, location, device, network and more) in the access decision-including passwordless authentication.įor example, you can choose to only allow passwordless logins for low risk logins. These secure factors, coupled with login context, will allow you to forego the requirement for a password in the authentication process. Secure factors such as FIDO2.0/WebAuthn and mobile authenticator apps that support biometric authentication will put you on a path to eventually deploy passwordless authentication company wide. The question is, how do we get to the point of deploying passwordless authentication? Implementing multi-factor authentication (MFA) is a great foundation for ultimately deploying passwordless. Leaving passwords behind is an important step towards better security and identity access management (IAM), and it’s equally important to strengthen authentication by taking into account the context of every login request. And for the workforce, technologies like fingerprint and card readers and mobile authenticator apps help to provide a passwordless experience. For consumers, everyday technologies such as Apple Touch ID and Face ID and Windows Hello allow users to access their devices password free. Passwordless authentication is no longer a dream of the distant future. ![]()
0 Comments
Leave a Reply. |