Microsoft’s CISO wants passwords gone for good
Link to original article – https://www.zdnet.com/article/microsofts-ciso-why-were-trying-to-banish-passwords-forever/
Microsoft’s chief information security officer (CISO), Bret Arsenault, is ready to eliminate passwords forever – and we bet you are too.
In Arsenault’s time at Microsoft, he has come to understand that passwords are not as effective in protection as we assume they would be. Along with security issues, he feels that users face unnecessary challenges with passwords such as expiration policies and always having to “know something.” By eliminating passwords completely, he says users can have a faster, more secure experience.
So, what does getting rid of passwords actually mean, and what is the alternative?
Microsoft focuses on an innovative biometric security experience to replace the traditional password model. Their Zero Trust network design protects identities, stops threats, and secures your resources across the clouds. This currently comes in the forms of Microsoft Multi-Factor Authentication (MFA) for iOS and Android users, and Windows Hello for Windows 10 PCs.
Multi-Factor Authentication requires users to identify themselves with a password and additional form of verification, whether it be a pin, security key, or face/voice biometrics. Windows Hello users simply rely on inherent features such as fingerprint and facial recognition to gain access.
What does this mean for organizations?
If an organization has brownfield apps that are incapable of supporting biometrics, Arsenault recommends enabling MFA as soon as possible. He says that targeting high-risk accounts first will get an initial shield of protection. “I think what a lot of people should and need to do is take a risk-based approach: first get MFA enforced for high-risk/value groups like admins, HR, legal group and so on, and then move to all users. It can be a multi-year journey, depending on how quickly you want to do something,” Arsenault says.
Does your organization still rely on passwords? Opal is here to get you started with Multi-Factor Authentication. Talk with one of our specialists to get your business protected!