Cisco Secure has announced the introduction of infrastructure agnostic, passwordless authentication by Duo. Integrated into the existing Duo authentication used by more than 25,000 organizations globally, Duo passwordless authentication will enable enterprise users to adopt security keys or biometrics built into modern laptops and smartphones.
The consequences of using passwords are well known. Passwords are easily compromised and difficult to manage, costing enterprises billions of dollars annually. Users are inundated with passwords in their personal and professional lives. Password reset requests comprise a lion’s share of IT help desk tickets, resulting in lost productivity for users and increased support costs for the business.
Duo passwordless authentication is part of Cisco’s zero trust platform. The product is designed to be infrastructure agnostic, paving the way to a passwordless future while ensuring that enterprises can seamlessly protect any combination of cloud and on-premises applications without requiring multiple authentication products or leaving critical security gaps.
“Cisco has strived to develop passwordless authentication that meets the needs of a diverse and evolving workforce and allows the broadest set of enterprises to securely progress towards a passwordless future, regardless of their IT stack,” said Gee Rittenhouse, SVP and GM of Cisco’s Security Business Group. “It’s not an overstatement to say that passwordless authentication will have the most meaningful global impact on how users access data by making the easiest path the most secure.”
Duo passwordless authentication will:
- Simplify and strengthen authentication for accessing cloud applications protected by Duo single sign-on (SSO) and third-party SSO and identity providers, by leveraging security keys and platform biometrics such as Apple FaceID and TouchID, and Windows Hello. Pairing passwordless authentication with Duo SSO enables organizations to consolidate hundreds of passwords and authentications into one easy login for users to cloud applications.
- Provide one security tool for all authentication scenarios thanks to Duo’s compatibility with hundreds of applications and identity providers, with no infrastructure change required.
- Reduce risk of password-related threats and vulnerabilities such as phishing, stolen or weak passwords, password reuse, brute-force, man-in-the-middle attacks and password database compromise.
- Add layers of security to the authentication with device health and behavior monitoring controls via Duo’s secure access product suite, further reducing risk in the event a biometric is stolen or not effective.
- Reduce administrative burden of password-related help desk tickets and password
“Cisco is well-positioned to accelerate the adoption of passwordless authentication as enterprises seek to alleviate the password-related headaches that for years have plagued their users and IT teams,” said Jay Bretzmann, Program Director for Identity & Digital Trust and Cloud Security, IDC. “While the transition will be a process for organizations due to legacy infrastructure, passwordless authentication is a key stepping stone to enabling a zero-trust security architecture and a feature that organizations must begin looking into.”
Duo passwordless authentication leverages the Web Authentication (WebAuthn) standard, based in asymmetric cryptography, enabling biometrics to be securely stored on and validated by the device, locally, as opposed to a centralized database. Duo helped drive WebAuthn’s ratification as an official web standard and adoption across platforms as a member of the World Wide Web Consortium (W3C) working group.
Duo’s security practices are built on ISO 27001, NIST’s Cyber Security Framework, and AICPA’s Trust Service Principles and are designed to meet GDPR and other privacy laws around the world. Duo is committed to the highest level of security for its customers – both public and private, and currently holds SOC2 Type II, ISO27001:2013, ISO27017:2015, and ISO27018:2019 certifications, as well as being FedRAMP authorized.
