So are we finally doing this? Are we finally moving to passwordless authentication?
Microsoft and Google have been pushing this aggressively over the past several months, and Apple has been a major player by being the first out of the box with fingerprint authentication on the iPhone. Most PCs and Mac laptops now offer Touch ID, so inside of a year or two people can use them for passwordless authentication, too.
The industry largely views passwords as outdated and one of the major causes of breaches. According to the Verizon's "2019 Data Breach Investigations Report," more than 80% of breaches leverage stolen or weak passwords. That's why the industry has been pushing for open standards, such as FIDO (Fast Identity Online), which would help security teams and developers more readily deploy passwordless authentication. The FIDO Alliance, which was founded by next-generation authentication company Nok Nok Labs, PayPal, Lenovo, Validity Sensors, Infineon, and Agnitio, first began its development of the passwordless authentication protocol in 2012.
Recent research by Ant Allan, a Gartner analyst who focuses on passwordless authentication, predicts that by 2022, 60% of large and global enterprises and 90% of midsize enterprises will implement passwordless methods in more than 50% of use cases — up from 5% in 2018.
To be sure, vendors have taken notice. Here are eight of the leading passwordless authentication approaches and a look at what needs to happen moving forward.