“Microsoft promises to ease the pains of going passwordless “ https://www.cnet.com/news/microsoft-promises-to-ease-the-pains-of-going-passwordless/
The report says “Roughly 200 million people using Microsoft services already have made the jump past passwords”. I would like to add “Who benefits?”
If ‘passwordless’ means ‘removal of the whole password family including PIN’, the ‘passwordless’ announcement was correct and this solution would be tantamount to an ATM that automatically dispenses your money against your bank card without asking for your PIN. Who benefits from this brilliant feat?
If those passwordless people were of the view that PIN, that is a numbers-only password, is not a password and therefore PIN can be used in a passwordless solution, who benefits from such misleading ‘PIN-dependent passwordless login’?
Unfortunately, too many security people are too indifferent to the true nature and characteristics of authentication factors.
* Attempts to compare the vulnerability of a wisely or poorly managed password with that of a poorly or wisely deployed physical token would obviously take us nowhere.
< Videos on YouTube>
< Media Articles Published in 2020 >
Digital Identity — Anything Used Correctly Is Useful https://www.valuewalk.com/2020/05/digital-identity-biometrics-use/
‘Easy-to-Remember’ is one thing ‘Hard-to-Forget’ is another https://www.paymentsjournal.com/easy-to-remember-is-one-thing-hard-to-forget-is-another/
Identity Assurance And Teleworking In Pandemic https://www.informationsecuritybuzz.com/articles/identity-assurance-and