From the greek word authentikos, authentication, the act of verifying an identity, continues to evolved. Depending on the context, authentication might involve validating a person’s identity through identity documents, verifying the authenticity of a website with a digital certificate or determining the age of an artefact by carbon dating or ensuring a product is genuine.
For decades passwords have been the most popular mode of authentication when accessing computing resources including applications and data. However, in recent years, its effectiveness has been called into question given its susceptibility to phishing, brute-force attacks and insider threats.
Today, it is widely recognised that passwords, even the use of multifactor authentication, alone are not enough to secure users, networks and systems.
In this PodChats for FutureCISO, we are joined by Johan Fantenberg, Principal Solutions Architect, APJ, Ping Identity, to talk about how technologies like machine learning and artificial intelligence maybe be influencing the evolution of authentication.
Johan, welcome to PodChats for FutureCISO.
1. What are the different types of authentication that have a potential to displace or augment current password methods?
2. Set a baseline: What is passwordless?
3. What are the challenges with going passwordless?
4. How do you address concerns about the feasibility and practicality of implementing passwordless security solutions across different industries and sectors?
5. Is there a role for AI in the passwordless security marketplace?
6. How should CISOs incorporate AI-embedded practices and technologies to enhance their security posture?
7. Can you cite examples of passwordless authentication?
8. You mentioned FIDO 2 Alliance early on.
9. Cost of deploying passwordless authentication technology.
10. Looking ahead, what trends do you foresee shaping the future of cybersecurity, particularly in the realm of authentication and access management?