Cisco Talks Password Less Future

Cisco Secure unveiled the future of simple and effective security with infrastructure agnostic, password less authentication by Duo. Duo password less authentication claims to enable enterprise users to skip the password and securely log into cloud applications via security keys or biometrics built into modern laptops and smartphones.

Duo password less authentication is part of Cisco’s zero trust platform, securing access for any user, from any device, to any IT application or environment. The product is designed to be infrastructure agnostic, paving the way to a password less future while ensuring that enterprises can seamlessly protect any combination of cloud and on premises applications without requiring multiple authentication products or leaving critical security gaps, explains the agency.

“Cisco has strived to develop password less authentication that meets the needs of a diverse and evolving workforce and allows the broadest set of enterprises to securely progress towards a password less future, regardless of their IT stack. It’s not an overstatement to say that password less authentication will have the most meaningful global impact on how users access data by making the easiest path the most secure,” stated Gee Rittenhouse, SVP and GM of Cisco’s Security Business Group.

Duo password less authentication assures to:
1. Simplify and strengthen authentication for accessing cloud applications protected by Duo single sign on (SSO) and third party SSO and identity providers, by leveraging security keys and platform biometrics such as Apple FaceID and TouchID and Windows Hello. Pairing password less authentication with Duo, SSO enables organizations to consolidate hundreds of passwords and authentications into one easy login for users to cloud applications.
2. Provide one security tool for all authentication scenarios thanks to Duo’s compatibility with hundreds of applications and identity providers, with no infrastructure change required.
3. Reduce risk of password related threats and vulnerabilities such as phishing, stolen or weak passwords, password reuse, brute force, man-in-the-middle attacks and password database compromise.
4. Add layers of security to the authentication with device health and behavior monitoring controls via Duo’s secure access product suite, further reducing risk in the event a biometric is stolen or not effective.
5. Reduce administrative burden of password related help desk tickets and password resets.

“Cisco is well positioned to accelerate the adoption of password less authentication as enterprises seek to alleviate the password related headaches that for years have plagued their users and IT teams,” said Jay Bretzmann, Program Director for Identity & Digital Trust and Cloud Security, IDC adding, “While the transition will be a process for organizations due to legacy infrastructure, password less authentication is a key stepping stone to enabling a zero trust security architecture and a feature that organizations must begin looking into.”

According to the 2020 Duo Trusted Access Report, 80 percent of mobile devices used for work have biometrics configured, up 12 percent the past five years. Duo password less authentication leverages the Web Authentication (WebAuthn) standard, based in asymmetric cryptography, enabling biometrics to be securely stored on and validated by the device, locally, as opposed to a centralized database. Duo helped drive WebAuthn’s ratification as an official web standard and adoption across platforms as a member of the World Wide Web Consortium (W3C) working group.

Wolfgang Goerlich, Advisory Chief Information Security Officer, Duo Security at Cisco stated, “Password less is a journey requiring incremental changes in users and IT environments alike, not something enterprises can enable overnight. Duo can help enterprises transition their environments and workforces securely and minimize user friction while simultaneously increasing trust in every authentication.”