Using single-factor authentication to protect from cyber attacks is not enough in today’s hyperconnected world.

And the consequences of relying on inferior security measures can be grave. Take the Colonial Pipeline ransomware attack in the US in May 2021, which caused huge business damage. Using a single password, cyber attackers were able to infiltrate the organisation’s data and encrypted IT systems. 

The password was part of a batch of leaked passwords found on the dark web and it allowed access to the virtual private network (VPN) which provided attackers with a remote connection to the company’s server and all the data stored there.

So how can companies protect their network and make sure that cyber criminals can’t access critical data, even with a leaked password?

Organisations are beginning to realise that passwords deliver poor security, negatively impact user experience and increase support costs. They can also see that cyber attackers are relying on this weakness to compromise accounts. 

Thanks to advances in security technology there is now a solution; the ‘passwordless’ authentication method, where a user can log in without entering a password or any other knowledge-based secret. Instead, users are asked to authenticate by only providing an ownership factor or a biometric factor. 

End users no longer need to create, store or remember passwords which can save them stress and hassle, and at the same time the overall security risk is reduced.