The Push for Passwordless: Bridging Strong Authentication and Legacy Systems
In a previous post I wrote about FIDO Passkey and how this technology will revolutionize how we authenticate to services in our personal and work lives. Strong passwordless authentication, like Passkey, can no doubt improve user experience and the security of our online accounts.
Strong authentication, passwordless login, and phishing-resistant MFA are key technologies for preventing some of the most common cyberattacks. They block credential phishing and cut down account takeover, which is behind a large share of all breaches. The cost of each breach has been rising year over year, and most estimates leave out the damage to a company’s reputation and the economic opportunities lost.
However, these strong authentication technologies often fall short of being compatible with every system in an enterprise. The reality is that legacy applications make up a significant portion of the systems in most companies. Application modernization is always underway, but it can’t move fast enough, and it isn’t just applications that need strong authentication. We also need to secure server access and other elements of infrastructure, such as switches and routers, that are critical to any organization. Ideally, we’d protect these resources with passwordless solutions, or at least some form of phishing-resistant MFA. Sadly, FIDO Passkey can’t help us secure these systems: a passkey is a WebAuthn credential, so it needs a WebAuthn-capable client (a browser or OS) and a relying party that speaks the protocol, and an SSH session to a router, a VPN concentrator authenticating over RADIUS, or a database login prompt has neither.
Fortunately, there are vendors that provide passwordless solutions that can be used to protect legacy applications and system infrastructure. One example is ForgeRock Enterprise Connect Passwordless. It supports:
Modern applications by using modern protocols like FIDO.
Protection of legacy technologies including databases, servers, and desktops via standard protocols like RADIUS.
Seamless integration to other ForgeRock access products in the cloud or on-premise.
Customization of the login experience to include functionality like risk-based step-up authentication.
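To make the RADIUS bridge concrete, here is an added example (not code from the original post and not ForgeRock’s code) of the Access-Request a legacy network access server, such as a switch, VPN gateway or SSH PAM module, sends to whatever RADIUS server fronts it, together with the server-side decode. It implements the RFC 2865 packet layout and the section 5.2 User-Password hiding (chained MD5 of the shared secret and the Request Authenticator, XORed with 16-byte blocks). The shared secret, the NAS address and the user "alice" are constructed for this example, and the six-digit "password" stands in for the one-time code or approval token a passwordless service might accept in that field; the protocol does not care what the string is.

```python
"""Minimal RFC 2865 RADIUS Access-Request encoder/decoder (added example).

The values below (shared secret, NAS address, user, one-time code) are
constructed for illustration and do not come from any product.
"""
import hashlib
import os
import struct

ACCESS_REQUEST = 1
ATTR_USER_NAME = 1
ATTR_USER_PASSWORD = 2
ATTR_NAS_IP_ADDRESS = 4
ATTR_NAS_PORT = 5


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 section 5.2: pad with NULs to a multiple of 16, then for each block
    c_i = p_i XOR MD5(secret + c_{i-1}), with c_0 being the Request Authenticator."""
    if not 1 <= len(password) <= 128:
        raise ValueError("RADIUS User-Password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        c = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out += c
        prev = c
    return out


def reveal_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Server side of section 5.2. Trailing NUL padding is stripped."""
    if len(hidden) % 16 or not 16 <= len(hidden) <= 128:
        raise ValueError("hidden User-Password must be 16..128 bytes, multiple of 16")
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        c = hidden[i:i + 16]
        out += _xor(c, hashlib.md5(secret + prev).digest())
        prev = c
    return out.rstrip(b"\x00")


def _attr(atype: int, value: bytes) -> bytes:
    """Type(1) Length(1) Value: Length counts the two header bytes."""
    if len(value) > 253:
        raise ValueError("attribute value too long")
    return struct.pack("!BB", atype, len(value) + 2) + value


def build_access_request(identifier, secret, username, password, nas_ip, nas_port,
                         authenticator=None):
    """What the NAS sends: Code(1) Identifier(1) Length(2) Authenticator(16) attrs."""
    authenticator = authenticator or os.urandom(16)  # Request Authenticator
    attrs = (
        _attr(ATTR_USER_NAME, username.encode())
        + _attr(ATTR_USER_PASSWORD, hide_password(password.encode(), secret, authenticator))
        + _attr(ATTR_NAS_IP_ADDRESS, bytes(int(o) for o in nas_ip.split(".")))
        + _attr(ATTR_NAS_PORT, struct.pack("!I", nas_port))
    )
    header = struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attrs))
    return header + authenticator + attrs


def parse_access_request(packet: bytes, secret: bytes) -> dict:
    """What the RADIUS-fronting authentication service sees after decoding."""
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_REQUEST or length != len(packet) or length < 20:
        raise ValueError("malformed Access-Request")
    authenticator = packet[4:20]
    attrs, pos = {}, 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("malformed attribute")
        attrs[atype] = packet[pos + 2:pos + alen]
        pos += alen
    return {
        "identifier": identifier,
        "user_name": attrs[ATTR_USER_NAME].decode(),
        "nas_ip": ".".join(str(b) for b in attrs[ATTR_NAS_IP_ADDRESS]),
        "nas_port": struct.unpack("!I", attrs[ATTR_NAS_PORT])[0],
        "password": reveal_password(attrs[ATTR_USER_PASSWORD], secret, authenticator).decode(),
    }


if __name__ == "__main__":
    secret = b"example-shared-secret"  # constructed
    pkt = build_access_request(7, secret, "alice", "482913", "10.0.0.5", 50123)
    print(parse_access_request(pkt, secret))
```

Two caveats follow from the code. The User-Password hiding is MD5-based obfuscation keyed by a static shared secret, not authenticated encryption, so the RADIUS leg should stay on a management network or run over TLS (RadSec, RFC 6614). And RADIUS itself carries no phishing resistance; that property has to come from what the service behind it verifies (for example binding the one-time value to an out-of-band approval), which is exactly the layer a passwordless bridge adds in front of legacy devices.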
Furthermore, ForgeRock Enterprise Connect Passwordless allows customers to phase in the solution over time. Customers can start with a small pilot and expand the solution to larger populations and more applications over time.
Passwordless, strong authentication and phishing-resistant MFA will be ubiquitous soon. These technologies are critical to blocking the most common attacks on enterprises by bad actors. App modernization will help accelerate the adoption of modern passwordless methods like Passkey, but it shouldn’t be seen as a prerequisite for adoption. Technologies exist today, like ForgeRock Enterprise Connect Passwordless, that support legacy apps, improve user experience, substantially strengthen security and are easy to deploy. Don’t wait for the next account compromise to start developing a strong authentication strategy. Identify vendors that can meet your use cases, or work with a trusted partner that can help you develop a strategy, perform product evaluations, and choose a direction today.