Go passwordless now (or how forgetting passwords is a good thing)

No one really likes passwords and yet almost everyone uses them or is forced to use them. As a user it can be a challenging and daunting task to create a new password when registering an account. A good password should be long enough, it should not be reused, it should not be found in a dictionary and ideally it should not have been exposed before by one of the numerous data breaches [1]. Many rules (and this list is not even complete) for the average user to keep in mind and to follow when creating a password. And ultimately, it should be easy to remember as well. Now multiply this with all the different applications and services in your organization.

Users will try finding ways around all these rules, like using a slightly altered version of one password across all services, changing the password only by adding a counting number and therefore lowering overall security. We are humans after all and our brains are not made to remember arbitrary, high entropic and abstract random phrases or words.

And still, even the best password is susceptible to phishing.

While there are ways to mitigate mentioned issues, like password policies or password managers, they only treat the symptoms and not the root cause, the password itself.

We believe it is time to leave passwords behind.

By using our service Identity@ThingsRock you have access to a frictionless way of passwordless authentication. No need for extra hardware to buy or authentication apps to be installed. Users register a device for passwordless authentication and that is all. Then they simply authenticate with the device, completely immune to phishing attacks and secured by the same proven and scalable technology that powers today’s TLS/SSL encryption used by millions of websites.

Our frictionless solution is fully embedded in our service and can therefore use all its features, from adding more authentication factors to integrating your LDAP directory with our service.

Vastly improving user experience and security at the same time is not a contradiction with our passwordless authentication service.

If you would like to try it, simply create a free account, as we are using our passwordless technology ourselves, or contact us for more information: info@thingsrock.com

[1] https://haveibeenpwned.com

Leave a Reply