The environment & workflows need to stop asking for passwords. With Windows Hello for Business & passwords coexisting in your environment, the next step towards password-less is to reduce the password surface. Reduce user-visible password surface area That means that if an attacker obtains a password for an unrelated account, they might inadvertently get their hands on a victim’s online bank account details or even worse. The inevitable result is password recycling, where users reuse passwords across multiple platforms. They’re so widely used to protect online accounts & services that the modern internet user has to memorize, on average, the passwords for up to 92 accounts. That’s not the only problem with passwords. Passwords aren’t working but still we massively relying on it Eliminate passwords from the identity directory Transition into a password-less deploymentĤ. Reduce user-visible password surface areaģ. Develop a password replacement offeringĢ. At Ignite 2017, Microsoft shared a four-step approach which helps organizations going password-less.ġ. Over the past few years, Microsoft has continued their commitment to enabling a world without passwords. All with the explicit goal of eliminating passwords. Many initiatives have been launched like Microsoft’s CardSpace, the Higgins project, the Liberty Alliance, NSTIC, the FIDO Alliance and various Identity 2.0 proposals. In 2004, long before we went online massively concepts like phishing or ransomware were on the rise, Bill Gates, predicted at the RSA Conference that year the demise of passwords saying “they just don’t meet the challenge for anything you really want to secure.”įor years, we’ve been discussing the vulnerabilities of passwords (80 percent of security breaches are down to stolen passwords & credentials) and the need to ditch them for more robust & secure solutions.
0 Comments
Leave a Reply. |