All Research
Whitepaper

A Passwordless Future Begins with Credential Management

Anne Bailey
Although it enables a Zero Trust security approach, the journey to passwordless is often challenging and may require an organization to use multiple authentication methods to meet their varied use cases. Credential management is a practical means to have insight on the different types of credentials being used in an organization, enable centralized self-service for employees, and allow approved and preferred authentication methods to be enforced across the organization.

Commissioned by Axiad

1 Executive Summary

Passwords are a major security flaw, yet still remain a staple of most enterprises. Passwords themselves – and the customer, employee, and organizational information that they protect – are frequently a target for attackers. The repositories of passwords that organizations hold are valuable, and individual passwords themselves are easier to intercept. Passwords are also often not used properly by individuals; many employees reuse the same password for multiple private or professional accounts even though it is a well-known bad practice. Selecting non-random passwords, not updating them regularly, updating with only a single character change, and sharing with colleagues to get work done faster are not uncommon occurrences. For a more secure enterprise, organizations should consider going passwordless.

Going passwordless refers to using authentication methods that do not send a password between the user and the desired service, but rather other methods that limit where the key travels, making use of biometric authentication, device signals, PIN, PKI, certificates, and hardware tokens. Passwordless initiatives support zero trust initiatives because they enable authentication with higher confidence, helping to fulfill the goal of "never trust, always verify". Passwordless initiatives can also empower users to act securely with less friction. By removing passwords (and their misuse) and replacing them with more-secure options, the organization's security posture can be improved.

Going completely passwordless poses its own challenges for the organization. There are many authentication use cases that an organization must fulfill, ranging from building access to cloud application and mobile access. This range of use cases may require several authentication methods, which can be unruly to manage centrally. This is especially true when the divide between hardware tokens and app-driven multifactor authentication must be bridged.

Unified credential management can address some of these challenges. An interoperable platform that connects common identity providers (IdPs), standards, protocols, and often used authenticators can provide a single pane of glass to view and manage the many credential types in use across the organization. Approved authenticators can be enforced across the organization to ensure that a passwordless option is indeed being used by all employees. A self-service component can allow users to renew credentials themselves.

Axiad's cloud-based Integrated Authentication Platform, called Axiad Cloud, delivers enterprise-wide passwordless authentication. This single, unified solution spans multiple use cases, authentication methods, and identity types. Key modules of the platform include Unified Credential Management, User Authentication, Enterprise PKI, and Passwordless/MFA. Axiad is based in Santa Clara, CA, USA and was founded in 2010.

Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Register
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the General Terms and Conditions