The move away from passwords continues to gain speed as companies seek stronger, more secure authentication methods. Passkeys, a relatively new option, are emerging as a leading solution, particularly because they provide phishing-resistant authentication through biometrics and other technologies.
Microsoft and Yubico Partner to Combat Phishing
Recent data underscores the urgency of this shift. A report from Yubico highlighted the alarming frequency of phishing attacks, with estimates of one attack occurring every second. Data from Microsoft Entra revealed a “staggering increase in attempted attacks, with password-based attacks… occurring at a rate of 4,000 per second.”
Microsoft has taken action by mandating multi-factor authentication (MFA) for all Azure sign-ins. Yubico considers this a crucial step. The company also emphasized its ongoing partnership with Microsoft to ensure compatibility between its YubiKey hardware security key and Microsoft Entra ID, positioning YubiKey as a premier security solution for organizations aligned with Microsoft’s security guidelines.
Yubico highlights the benefits of its hardware keys. This includes using public key cryptography, registered at a website or service, which makes it “virtually impossible for attackers to intercept or redirect authentication attempts.” The YubiKey is designed for ease of use and supports multiple authentication protocols across various platforms, including Windows, macOS, Linux, iOS, and Android.
Other Companies Embrace Passwordless Authentication
Amazon Cognito Enters the Passwordless Arena
Amazon Cognito has announced support for passwordless authentication in AWS GovCloud (U.S.) Regions, including sign-in with passkeys, email, and text messages. Users can use built-in authenticators like Touch ID on Apple MacBooks and Windows Hello facial recognition on PCs. This passwordless authentication is part of the Cognito Essentials tier.
Key9 Launches Zero-Trust Authentication Platform
Key9, an identity and access management (IAM) firm based in Jacksonville, Florida, has emerged from stealth mode to unveil its passwordless authentication platform. The platform utilizes public key cryptography and open standards, such as SAML2, OpenID, along with passkeys. Key9’s CEO, Champ Clark III, states, “Passwords are a thing of the past.” The company’s platform offers passkey authentication through biometrics and zero-trust architecture for protection against phishing. A free trial of Key9’s platform is available for testing and feedback.
AuthenTrend and KDDI Digital Security Partner
AuthenTrend, a Taiwan-based biometrics provider, has partnered with KDDI Digital Security Corporation (KDSec). This integration combines KDSec’s “Pasutori” with their ATKey.Pro and ATKey.CardNFC security keys to improve FIDO2 authentication, further enhancing cybersecurity. AuthenTrend’s CEO expressed confidence that this partnership would accelerate the adoption of passwordless authentication, providing a secure and user-friendly solution for enterprises and individual users.
VicRoads Rolls Out Passkeys
In Australia, VicRoads has enabled biometric passkeys for accessing myVicRoads accounts. Passkeys eliminate the need for passwords and reduce the risk of phishing attacks. VicRoads is one of the first Australian organizations to adopt passkeys. VicRoads Chief Technology Officer, Crispin Blackall, noted the success of the pilot program, which resulted in over 200,000 passkeys created, with more than 50 percent adoption among users with passkey-compatible devices. FIDO Alliance CEO Andrew Shikiar noted that users are “quickly realizing the benefits of passkeys.”
