What is passwordless authentication?

Authentication is generally of three types –something you know, something you have, and something you are. Password-based authentication is a shared secret and of the type of something you know. Password-based authentication provides an easy path for cyber criminals to take over accounts using simple social engineering techniques such as phishing. Passwordless authentication will not use a password.

 

How does passwordless authentication work?

A passwordless authentication tool will challenge a user with other factors such as a secure token (something you have) and/or a biometric method (something you are).

 

What is PasswordFree Authentication™?

This is a passwordless, multi-factor authentication SaaS offering from Identité. Authentication is simple enough for any user yet strong enough to resist phishing, impersonation, or browser-n-browser cyber hacks. Simple APIs connect and secure your web portal to the service.

 

What types of passwordless authentication factors are included with PasswordFree Authentication™?

PasswordFree Authentication™ includes a decentralized token (something you have) and employs the use of a biometric method if the device has one built in. The out-of-the-box flow will utilize all three types of authentication –something you know such as email or user name, something you have which is a token on a secure device, and something you are which is biometric on that device.

 

Why is PasswordFree™ more secure?

In addition to using all three types of authentication, the soft token is protected by a patented process called Full Duplex Authentication®. The requesting authentication service must authenticate the user before the user will respond with the secure token. This complies with the highest level of authentication as described in NIST 800-63-B.

 

What are the benefits of passwordless?

Passwords are the number one source of friction on a web portal. 1/3 of all shopping carts are abandoned because people forgot their passwords. By using authentication factors other than a password, account takeover becomes a thing of the past.

 

Are there risks associated with passwordless?

As long as the types of authentication being used are “something you have” and “something you are” there are no risks with passwordless authentication.

 

How user-friendly is PasswordFreeAuthentication™?

At Identité, we have spent years researching the heuristics associated with authentication and have been able to limit the user's actions to just a look, click or tap.

 

Which types of websites can use PasswordFree™?

Any website with a public domain can benefit from PasswordFree Athentication™.

 

How hard is it to implement PasswordFree™ on my app?

Any web designer/developer with simple java scripting skills can implement the service.

 

How do I get my customers to use PasswordFree™?

For existing users, simply add a button allowing them to “drop” their password. The button takes the user through a quick registration process that is faster than if the user were to change their password.  For new users, offer a PasswordFree Authentication™ button.  New users can register significantly faster than if they are asked to create and retype a password.