Passwordless authentication swaps traditional passwords for a system that identifies users by more secure methods such as “possession factor” or “inherent factor.” By switching to a passwordless approach, companies provide their employees with the same effortless and secure authentication methods that users experience on their smartphones (e.g., FaceID or fingerprint scanner). Sometimes this is confused with 2-factor authentication, because the second factor of 2FA is typically passwordless, but passwordless access is different.
There are different ways to implement passwordless authentication:
- Via a user’s email, which is considered to be a secure method to transmit a token that can be used by a person to confirm their identity
- Through the user’s smartphone, which is protected with a passcode and biometry. There are authenticator applications that may generate one-time passwords or receive push notifications asking the user to confirm the login
- Through a hardware token to be connected via USB, NFC, or BLE. Some hardware tokens can also generate one-time passwords and even have a keyboard to provide the ability to input data (e.g., an authentication challenge code).
Passwordless authentication is a relatively new method so it can be challenging to choose the type of implementation relevant to your needs. Below we compare the advantages and disadvantages of using email, a mobile authenticator, and hardware token.
The benefits and challenges of passwordless authentication
Advantages and Disadvantages of Password Authentication
