{"id":6113,"date":"2022-09-30T10:20:48","date_gmt":"2022-09-30T14:20:48","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=6113"},"modified":"2022-09-30T10:42:45","modified_gmt":"2022-09-30T14:42:45","slug":"self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/","title":{"rendered":"Self-Sabotage: How You are Undermining Your Journey to a Passwordless Future"},"content":{"rendered":"<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-6115\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future.jpg\" alt=\"Passwordless\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future-300x150.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future-768x384.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future-540x270.jpg 540w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future-162x81.jpg 162w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify;\"><em><strong>As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software categories\u2014 Bassam Al-Khalidi of <a href=\"https:\/\/www.axiad.com\/\" target=\"_blank\" rel=\"noopener\">Axiad<\/a> explains how passwords may still be lurking underneath the surface of your passwordless strategy.<\/strong><\/em><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-6002 alignleft\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/07\/SR-Premium-Content.gif\" alt=\"Premium Content\" width=\"105\" height=\"110\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/07\/SR-Premium-Content.gif 105w, https:\/\/solutionsreview.com\/identity-management\/files\/2022\/07\/SR-Premium-Content-77x81.gif 77w\" sizes=\"(max-width: 105px) 100vw, 105px\" \/>Passwords have been used to protect sensitive information for centuries, spanning from ancient times (e.g., ciphers) all the way through to the modern day. Yet, even despite their longstanding existence, they are still one of the most used security tools today.<\/p>\n<p style=\"text-align: justify;\">Modern enterprise organizations typically handle thousands of passwords across their people, machines, and digital interactions to provide access to their systems and data. But passwords are also easily compromised. In fact, passwords, along with stolen or weak credentials, play a part in more than 80 percent of today\u2019s breaches. Moreover, in a survey of 2,000 US office workers, 60 percent said problems with passwords have stopped them from doing their jobs.<\/p>\n<p style=\"text-align: justify;\">Given that so many breaches stem from poor password practices, plus the often-negative impact on productivity, many forward-thinking organizations are moving away from legacy (password-only) approaches to contemporary (passwordless) strategies for authentication, which are optimized for today\u2019s business environment and deliver clear security and operational benefits.<\/p>\n<p style=\"text-align: justify;\"><br \/>Widget not in any sidebars<br \/><\/p>\n<h2 style=\"text-align: justify;\"><strong>Living in a Passwordless Future<\/strong><\/h2>\n<hr \/>\n<h3 style=\"text-align: justify;\"><strong>Understanding the Implications of Shared Secrets<\/strong><\/h3>\n<p style=\"text-align: justify;\">While passwordless authentication is currently a hot topic in boardrooms around the globe, it\u2019s critical to understand that that not all passwordless solutions are, in fact, actually passwordless. If you\u2019re currently deploying a passwordless platform or evaluating the move to passwordless, a lack of understanding of what lies beyond the surface can jeopardize even the most well-intentioned, thoroughly planned (and well-funded!) security strategy.<\/p>\n<p style=\"text-align: justify;\">In reality, most passwordless solutions today still require a password or other shared secret, but this is what can be called a \u201cpasswordless experience.\u201d These solutions typically hide (or mask) the shared secret from the end-user to deliver a passwordless user experience, but behind the scenes, the shared secret is still on the scene. By storing the shared secret, you leave those secrets in a position where they can be compromised \u2013 which can provide bad actors with the opportunity that can lead to phishing and other cyber-attacks.<\/p>\n<h3 style=\"text-align: justify;\"><strong>Leaving Passwords Behind to Optimize Protection<\/strong><\/h3>\n<p style=\"text-align: justify;\">The good news is there are alternatives to solutions that provide a passwordless experience but still rely on passwords. In a \u201cno password\u201d passwordless environment, there are no shared secrets. There\u2019s nothing to remember, there\u2019s nothing that can be shared, lost, or phished out of users. This \u201cphishing-resistant authentication\u201d ensures that employees and all users have access to what they need when they need it. Clearly, this is a better methodology because it closes a major gap that attackers have been actively exploiting, while also keeping the enterprise in control and ensuring what\u2019s important stays safe.<\/p>\n<p style=\"text-align: justify;\">But a successful true passwordless strategy isn\u2019t just tied to eliminating shared secrets. There are a number of additional factors you should look for as you build out your framework:<\/p>\n<ul style=\"text-align: justify;\">\n<li><strong>No shared secrets<\/strong> \u2013 Naturally, confirm that your solution doesn\u2019t mask or otherwise simply conceal passwords, but eliminates them entirely.<\/li>\n<li><strong>A frictionless experience<\/strong> &#8211; Users will find a workaround if a process is too complex. In a recent survey, more than half (52 percent) of tech leaders said their remote employees had found workarounds to their company\u2019s security policies, creating gaps in authentication that can leave a business vulnerable to cyber-attacks.<\/li>\n<li><strong>Interoperability<\/strong> \u2013 Most organizations already have made some meaningful investments in Identity and Access Management (IAM) solutions in the past, and ripping and replacing them to achieve a passwordless future doesn\u2019t make financial sense. Look for solutions that fortify those existing investments and tools to minimize time to value.<\/li>\n<li><strong>Adaptability<\/strong> \u2013 Authenticate people, devices, and operating systems uniformly and quickly, enabling your organization to stay on budget while keeping in pace with regulatory requirements, compliance, and audit reporting.<\/li>\n<li><strong>Holistic authentication<\/strong> \u2013 Passwordless strategies done in silos-\u2013 in a fragmented fashion, perhaps authenticating different identity types, operating systems, or use cases-\u2013 creates gaps and inconsistencies that can be exploited, even in a \u201cno password\u201d passwordless approach. Make sure you cast the net wide enough and take a holistic approach to authentication to get the most out of your passwordless strategy.<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">A true \u201cno password\u201d passwordless strategy will optimize your cybersecurity posture while at the same time providing the ability to navigate and reduce underlying IT complexity. Your organization will become more phishing resistant, less of a target for ransomware attacks\/account takeovers, and will take a critical step forward to implementing a Zero Trust strategy by limiting reliance on passwords and verifying everything before granting access to your most important assets.<\/p>\n<p style=\"text-align: justify;\"><br \/>Widget not in any sidebars<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As part of Solutions Review\u2019s Premium Content Series\u2014a collection of contributed columns written by industry experts in maturing software categories\u2014 Bassam Al-Khalidi of Axiad explains how passwords may still be lurking underneath the surface of your passwordless strategy. Passwords have been used to protect sensitive information for centuries, spanning from ancient times (e.g., ciphers) all [&hellip;]<\/p>\n","protected":false},"author":96,"featured_media":6115,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5,1],"tags":[142,1839,1838,2049,1445,1220,2048],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Self-Sabotage: How You are Undermining Your Journey to a Passwordless Future<\/title>\n<meta name=\"description\" content=\"Bassam Al-Khalidi of Axiad explains how passwords may still be lurking underneath the surface of your passwordless strategy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bassam Al-Khalidi\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/\",\"name\":\"Self-Sabotage: How You are Undermining Your Journey to a Passwordless Future\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future.jpg\",\"datePublished\":\"2022-09-30T14:20:48+00:00\",\"dateModified\":\"2022-09-30T14:42:45+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/032ed164c54e78e65540c2a63eb84fd8\"},\"description\":\"Bassam Al-Khalidi of Axiad explains how passwords may still be lurking underneath the surface of your passwordless strategy.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future.jpg\",\"width\":800,\"height\":400,\"caption\":\"Passwordless\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Self-Sabotage: How You are Undermining Your Journey to a Passwordless Future\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Identity and Access Management Solutions | Solutions Review\",\"description\":\"Evaluating Enterprise IAM Software, Identity Governance &amp; Access Control Tools.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/032ed164c54e78e65540c2a63eb84fd8\",\"name\":\"Bassam Al-Khalidi\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/1700eba0dd9ddfce7320eb2600762608?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/1700eba0dd9ddfce7320eb2600762608?s=96&d=mm&r=g\",\"caption\":\"Bassam Al-Khalidi\"},\"description\":\"Bassam Al-Khalidi, Co-CEO and Co-founder of Axiad, has over 15 years of experience in designing and deploying identity and access management solutions across large government, enterprise, and healthcare organizations. He is a leading expert in CAC\/PIV smart card and PKI deployment, and has been involved in multiple enterprise-class ID badge deployments over the last several years. He has held a variety of management and senior technical roles for established industry leaders, including ActivIdentity.\",\"sameAs\":[\"https:\/\/www.axiad.com\/\",\"https:\/\/www.linkedin.com\/in\/bassam-al-khalidi-739729\/\",\"https:\/\/x.com\/AxiadIDS\"],\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/khalidi\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Self-Sabotage: How You are Undermining Your Journey to a Passwordless Future","description":"Bassam Al-Khalidi of Axiad explains how passwords may still be lurking underneath the surface of your passwordless strategy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/","twitter_misc":{"Written by":"Bassam Al-Khalidi","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/","url":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/","name":"Self-Sabotage: How You are Undermining Your Journey to a Passwordless Future","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future.jpg","datePublished":"2022-09-30T14:20:48+00:00","dateModified":"2022-09-30T14:42:45+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/032ed164c54e78e65540c2a63eb84fd8"},"description":"Bassam Al-Khalidi of Axiad explains how passwords may still be lurking underneath the surface of your passwordless strategy.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2022\/09\/Passwordless-Future.jpg","width":800,"height":400,"caption":"Passwordless"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/self-sabotage-how-you-are-undermining-your-journey-to-a-passwordless-future\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Self-Sabotage: How You are Undermining Your Journey to a Passwordless Future"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Identity and Access Management Solutions | Solutions Review","description":"Evaluating Enterprise IAM Software, Identity Governance &amp; Access Control Tools.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/032ed164c54e78e65540c2a63eb84fd8","name":"Bassam Al-Khalidi","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/1700eba0dd9ddfce7320eb2600762608?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1700eba0dd9ddfce7320eb2600762608?s=96&d=mm&r=g","caption":"Bassam Al-Khalidi"},"description":"Bassam Al-Khalidi, Co-CEO and Co-founder of Axiad, has over 15 years of experience in designing and deploying identity and access management solutions across large government, enterprise, and healthcare organizations. He is a leading expert in CAC\/PIV smart card and PKI deployment, and has been involved in multiple enterprise-class ID badge deployments over the last several years. He has held a variety of management and senior technical roles for established industry leaders, including ActivIdentity.","sameAs":["https:\/\/www.axiad.com\/","https:\/\/www.linkedin.com\/in\/bassam-al-khalidi-739729\/","https:\/\/x.com\/AxiadIDS"],"url":"https:\/\/solutionsreview.com\/identity-management\/author\/khalidi\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/6113"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/96"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=6113"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/6113\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/6115"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=6113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=6113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=6113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}